A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service.
2025-08-12T15:15:30.963
2025-09-23T18:21:21.697
Analyzed
3c1d8aa1-5a33-4ea4-8992-aadd6440af75
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ivanti | connect_secure | < 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | connect_secure | 22.7 | Yes |
| Application | ivanti | policy_secure | < 22.7 | Yes |
| Application | ivanti | policy_secure | 22.7 | Yes |
| Application | ivanti | policy_secure | 22.7 | Yes |
| Application | ivanti | policy_secure | 22.7 | Yes |
| Application | ivanti | policy_secure | 22.7 | Yes |
| Application | ivanti | policy_secure | 22.7 | Yes |
| Application | ivanti | policy_secure | 22.7 | Yes |
| Application | ivanti | zero_trust_access_gateway | 22.8 | Yes |
| Application | ivanti | neurons_for_secure_access | < 22.8 | Yes |
| Application | ivanti | neurons_for_secure_access | 22.8 | Yes |
| Application | ivanti | neurons_for_secure_access | 22.8 | Yes |
| Application | ivanti | neurons_for_secure_access | 22.8 | Yes |
| Application | ivanti | neurons_for_secure_access | 22.8 | Yes |