Urgent Notice on Ivanti's Security Flaw
Ivanti, a leading provider of unified IT management solutions, has issued a Security Advisory regarding an unauthenticated buffer overflow vulnerability (CVE-2025-22457) in Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. This vulnerability is currently being actively exploited, posing a significant risk to Australian organizations using Ivanti products.
The affected versions of Ivanti Connect Secure include version 22.7R2.5 and earlier. Pulse Connect Secure 9.1.X, which is end of support as of 31 December 2024, also remains vulnerable to this critical flaw.
Neurons for ZTA gateways and Ivanti Policy Secure are also affected by the unauthenticated buffer overflow vulnerability (CVE-2025-22457).
In response to this threat, the Australian Cyber Security Centre (ACSC) has recommended that Ivanti's customers follow the advice in Ivanti's Security Advisory. Australian organizations using Ivanti products are advised to assess their environments for malicious activity.
Mandiant, a renowned cybersecurity firm, has also issued a Security Advisory for this vulnerability. The alert is intended for technical users of Ivanti products and is relevant to Australian organizations that use them.
To mitigate the risk of exploitation, users are advised to apply the patch immediately. The Australian Cyber Security Centre (ACSC) continues to recommend that Ivanti's customers follow the advice in Ivanti's Security Advisory.
At this time, based on available search results, no specific Australian organizations using Ivanti products have been publicly confirmed as affected by the critical, actively exploited vulnerability in Ivanti Connect Secure, Policy Secure, and Neurons for ZTA Gateways.
Ivanti has released a Security Advisory for the critical vulnerability (CVE-2025-22457) in their products, providing detailed information about the vulnerability and the steps to address it. The alert is specifically for organizations in Australia.
In conclusion, Australian organizations using Ivanti products should prioritize assessing their environments for malicious activity and applying the necessary patches to mitigate the risk of exploitation of the unauthenticated buffer overflow vulnerability (CVE-2025-22457).