CVE-2025-22460

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Ivanti Cloud Services Application versions prior to 5.0.5

Description: The issue concerns default credentials in the Ivanti Cloud Services Application, allowing a local authenticated attacker to escalate their privileges.

Recommendations: For versions prior to 5.0.5, update to version 5.0.5 or later to resolve the issue.

Fix

LPE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1392

Related Identifiers

BDU:2025-06725

CVE-2025-22460

Affected Products

Ivanti Cloud Services Application

CVE-2025-22460

Weakness Enumeration

Related Identifiers

Affected Products

References · 8