← Back

CVE-2025-22457

nvd nistnuclei
Published: Apr 3, 2025Modified: Oct 24, 2025CISA KEV

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

Affected (23)

Ivanti
3 products
Connect Secure
Policy Secure
Zero Trust Access Gateway
Configuration A
23 vulnerable
Vulnerable SoftwareAffected Versions
Ivanti
Connect Secure
Before 22.7
Connect Secure
Version 22.7
Connect Secure
Version 22.7 r1.1
Connect Secure
Version 22.7 r1.2
Connect Secure
Version 22.7 r1.3
Connect Secure
Version 22.7 r1.4
Connect Secure
Version 22.7 r1.5
Connect Secure
Version 22.7 r1
Connect Secure
Version 22.7 r2.1
Connect Secure
Version 22.7 r2.2
Connect Secure
Version 22.7 r2.3
Connect Secure
Version 22.7 r2.4
Connect Secure
Version 22.7 r2.5
Connect Secure
Version 22.7 r2
Ivanti
Policy Secure
Before 22.7
Policy Secure
Version 22.7
Policy Secure
Version 22.7 r1.1
Policy Secure
Version 22.7 r1.2
Policy Secure
Version 22.7 r1.3
Policy Secure
Version 22.7 r1
Ivanti
Zero Trust Access Gateway
Before 22.8
Zero Trust Access Gateway
Version 22.8
Zero Trust Access Gateway
Version 22.8 r2.1

Related CWEs

CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Vendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.