← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-0282 — Actively Exploited: Connect Secure, Policy Secure, and ZTA Gateways (Ivanti)

Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.

CVE IDCVE-2025-0282
VendorIvanti
ProductConnect Secure, Policy Secure, and ZTA Gateways
Vulnerability nameIvanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Date added2025-01-08
Remediation due2025-01-15
Known ransomware useKnown
Required actionApply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service.
DescriptionIvanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →