SecurityWeek reports that Ivanti has warned of ongoing intrusions targeting Ivanti Connect Secure versions earlier than 22.7R2.5 that are impacted by the critical stack-based buffer overflow vulnerability that attackers could abuse to facilitate remote code execution.
While the security flaw, tracked as CVE-2025-0282, also impacts Ivanti Policy Secure versions older than 22.7R1.2 and Ivanti Neurons for ZTA Gateways older than 22.7R2.3, such devices have not been subjected to attacks, according to Ivanti.
All of these Ivanti products are also affected by a yet-to-be-exploited high-severity bug, tracked as CVE-2025-0283, which attackers could leverage for privilege escalation. Organizations using Ivanti Connect Secure have been urged to monitor exploitation via the firm's Integrity Checker Tool and conduct factory resets before implementing the updated Connect Secure version. Ivanti has also noted the significantly lower odds of exploitation for vulnerable Ivanti Policy Secure, which will be patched Jan. 21.
