A critical vulnerability impacting Ivanti softwares Connect Secure, Neurons for Zero Trust Access and Policy Secure has been reported. It has been assigned the reference CVE-2025-0282 and a CVSS 3.1 score of 9.0.
It should be noted that proof of concept of this CVE-2025-0282 vulnerability are publicly available.
Initial vector attack of the Ivanti vulnerability
The vulnerability allows an unauthenticated attacker to trigger a remote code execution.
Technical details of the Ivanti vulnerability
The 'web' exposed service performs an improper size check on a string received from a user, which can lead to a stack overflow and possible takeover of the service by an external attacker.
Attack modelling with MITRE ATT&CK
MITRE ATT&CK
- T1190 (Exploit Public-Facing Application)
How to protect against the Ivanty vulnerability with Stormshield Network Security
Protection against CVE-2025-0282
Stormshield Network Security (SNS) firewalls detect and block exploitation of CVE-2025-0282 with the protocol inspection:
- http:53: Protocole HTTP invalide
Confidence index for the protection offered by Stormshield |
Confidence index for the absence of false positives |
Recommandations regarding the Ivanti vulnerability
It is therefore strongly recommended to update your Ivanti softwares:
- Connect Secure : 22.7R2.5 or higher
- Neurons for Zero Trust Access : 22.8R2 or higher
- Policy Secure : 22.7R1.3 or higher
