PT-2025-6242 · Ivanti · Ivanti Connect Secure

Published: 2025-02-11 · Updated: 2025-08-04 · CVE-2025-22467

CVSS v3.1: 9.9
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

Ivanti Connect Secure versions prior to 22.7R2.6

**Description:**

A stack-based buffer overflow exists in Ivanti Connect Secure. This vulnerability allows a remote authenticated attacker to achieve remote code execution. Approximately 2850 unpatched instances have been observed worldwide, with the United States and Japan being the most affected countries, accounting for 852 and 384 instances respectively. The vulnerability is actively exploited.

**Recommendations:**

Ivanti Connect Secure versions prior to 22.7R2.6: Upgrade to version 22.7R2.6 or later.

Fix · RCE · Out of bounds Read · Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2025-01566
CVE-2025-22467

Affected Products

Ivanti Connect Secure