CVE-2025-0282: Ivanti Connect Secure, Policy Secure, and ZTA Gateways
Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability. Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
- CISA KEV-listed (remediation due 2025-01-15)
- used in ransomware campaigns
- EPSS 94.1% (99.9% percentile)