PT-2025-32674 · Ivanti · Ivanti Connect Secure+3
Published
2025-08-12
·
Updated
2025-08-13
·
CVE-2025-5456
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Ivanti Connect Secure versions prior to 22.7R2.8 and 22.8R2
Ivanti Policy Secure versions prior to 22.7R1.5
Ivanti ZTA Gateway versions prior to 2.8R2.3-723
Ivanti Neurons for Secure Access versions prior to 22.8R1.4
Description:
A buffer over-read issue allows a remote, unauthenticated attacker to cause a denial of service.
Recommendations:
Update Ivanti Connect Secure to version 22.7R2.8 or 22.8R2.
Update Ivanti Policy Secure to version 22.7R1.5.
Update Ivanti ZTA Gateway to version 2.8R2.3-723.
Update Ivanti Neurons for Secure Access to version 22.8R1.4.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ivanti Connect Secure
Ivanti Neurons For Secure Access
Ivanti Policy Secure
Ivanti Zta Gateways