CVE-2025-5456

Published: Aug 12, 2025Modified: Sep 23, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75 (Secondary)

Description

A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service. CWE-125

Affected (29)

Products: Ivanti: Connect Secure, Policy Secure, Zero Trust Access Gateway, Neurons For Secure Access

Ivanti

4 products

Connect Secure

Policy Secure

Zero Trust Access Gateway

Neurons For Secure Access

Configuration A

16 vulnerable

Vulnerable Software	Affected Versions
Ivanti Connect Secure	Before 22.7
Ivanti Connect Secure	Version 22.7
Ivanti Connect Secure	Version 22.7 r1.1
Ivanti Connect Secure	Version 22.7 r1.2
Ivanti Connect Secure	Version 22.7 r1.3
Ivanti Connect Secure	Version 22.7 r1.4
Ivanti Connect Secure	Version 22.7 r1.5
Ivanti Connect Secure	Version 22.7 r1
Ivanti Connect Secure	Version 22.7 r2.1
Ivanti Connect Secure	Version 22.7 r2.2
Ivanti Connect Secure	Version 22.7 r2.3
Ivanti Connect Secure	Version 22.7 r2.4
Ivanti Connect Secure	Version 22.7 r2.5
Ivanti Connect Secure	Version 22.7 r2.6
Ivanti Connect Secure	Version 22.7 r2.7
Ivanti Connect Secure	Version 22.7 r2

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Ivanti Policy Secure	Before 22.7
Ivanti Policy Secure	Version 22.7
Ivanti Policy Secure	Version 22.7 r1.1
Ivanti Policy Secure	Version 22.7 r1.2
Ivanti Policy Secure	Version 22.7 r1.3
Ivanti Policy Secure	Version 22.7 r1.4
Ivanti Policy Secure	Version 22.7 r1

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Ivanti Zero Trust Access Gateway	Version 22.8 r2.2

Configuration D

5 vulnerable

Vulnerable Software	Affected Versions
Ivanti Neurons For Secure Access	Before 22.8
Ivanti Neurons For Secure Access	Version 22.8 r1.1
Ivanti Neurons For Secure Access	Version 22.8 r1.2
Ivanti Neurons For Secure Access	Version 22.8 r1.3
Ivanti Neurons For Secure Access	Version 22.8 r1

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (1)

https://forums.ivanti.com/s/article/August-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-Multiple-CVEs?language=en_US

Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75

Vendor Advisory

Timeline

No history available yet.