Ivanti Connect Secure Faces Critical Vulnerabilities in 2025
/ 1 min read
🔐 Ivanti Connect Secure faces critical vulnerabilities in 2025, echoing past issues. The cybersecurity landscape remains precarious as Ivanti Connect Secure is once again exposed to serious vulnerabilities, including a pre-authentication stack-based buffer overflow (CVE-2025-0282) that allows remote code execution without authentication. This situation mirrors similar problems from January 2024, raising concerns about Ivanti’s response to security pledges made previously. While a patch for the affected version (22.7r2.5) is available, users of other Ivanti products must wait until January 21, 2025, for fixes. The ongoing exploitation by threat actors highlights the urgency for organizations to prioritize rapid patching and security measures to mitigate potential breaches. Continuous security testing is emphasized as essential for defending against emerging threats.
