Ivanti experienced a severe security breach due to an unauthenticated remote code execution vulnerability, CVE-2025-22457, exploited by a China-nexus threat actor. This vulnerability, impacting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways, allowed attackers to execute arbitrary code remotely via a complex heap spray technique. The exploitation resulted from a failure to check buffer lengths within the application's web server binary. With patches released for some products and others pending, the incident underscores the critical importance of applying security updates promptly to avoid potential data breaches and system compromisation.
Source: https://cybersecuritynews.com/ivanti-0-day-rce-vulnerability/
"id": "iva916041125",
"linkid": "ivanti",
"type": "Vulnerability",
"date": "4/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"