Unrated severityCISA KEVNVD Advisory· Published Jan 8, 2025· Updated Oct 21, 2025
CVE-2025-0282
CVE-2025-0282
Description
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6<22.7R2.5+ 1 more
- (no CPE)range: <22.7R2.5
- (no CPE)range: 22.7R2
<22.7R1.2+ 1 more
- (no CPE)range: <22.7R1.2
- (no CPE)range: 22.7R1
<22.7R2.3+ 1 more
- (no CPE)range: <22.7R2.3
- (no CPE)range: 22.7R2
Patches
Vulnerability mechanics
References
1News mentions
1- LATAM Infrastructure Hit by Fortinet and Ivanti ExploitsInfosecurity Magazine · Jun 18, 2026