CVE-2025-0282


Basic Information

CVE State: PUBLISHED
Reserved Date: January 06, 2025
Published Date: January 08, 2025
Last Updated: February 20, 2025
Vendor: Ivanti
Product: Connect Secure, Policy Secure, Neurons for ZTA gateways
Description: A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

CVSS Scores

CVSS v3.1

9.0 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2025-01-08 00:00:00 UTC)
Proof of Concept Available: Yes (added 2025-03-10 21:33:36 UTC)

Known Exploited Vulnerability Information

Source: CISA • Added Date: 2025-01-08 00:00:00 UTC

Recent Mentions

DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks

Source: TheHackerNews • Published: 2025-04-25 08:43:00 UTC

Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were "installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024," JPCERT/CC researcher Yuma

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

punitdarji/Ivanti-CVE-2025-0282

Type: github • Created: 2025-03-10 21:33:36 UTC • Stars: 2

Ivanti Remote code execution

44xo/CVE-2025-0282

Type: github • Created: 2025-02-25 16:44:54 UTC • Stars: 0

AdaniKamal/CVE-2025-0282

Type: github • Created: 2025-01-28 07:56:05 UTC • Stars: 2

Ivanti Connect Secure, Policy Secure & ZTA Gateways - CVE-2025-0282

almanatra/CVE-2025-0282

Type: github • Created: 2025-01-22 08:14:54 UTC • Stars: 1

Exploit for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways

sfewer-r7/CVE-2025-0282

Type: github • Created: 2025-01-16 14:45:53 UTC • Stars: 37

PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways

watchtowrlabs/CVE-2025-0282

Type: github • Created: 2025-01-15 18:27:12 UTC • Stars: 24

Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)

AnonStorks/CVE-2025-0282-Full-version

Type: github • Created: 2025-01-12 11:58:40 UTC • Stars: 3

# CVE-2025-0282: Remote Code Execution Vulnerability in [StorkS]

absholi7ly/CVE-2025-0282-Ivanti-exploit

Type: github • Created: 2025-01-11 02:06:51 UTC • Stars: 46

CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit.