CVE-2025-22457

🗓️ 03 Apr 2025 15:20:23Reported by ivantiType

cve🔗 web.nvd.nist.gov📰️ 24 Media mentions👁 653 Views🌐 WEB

Critical vulnerability allows remote code execution in Ivanti Connect Secure and related products.

Reporter	Title	Published	Views	Family All 35
GithubExploit	Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure	10 Apr 202503:27	–	githubexploit
GithubExploit	Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure	25 May 202522:52	–	githubexploit
GithubExploit	Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure	9 Apr 202514:39	–	githubexploit
GithubExploit	Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure	13 Jul 202510:43	–	githubexploit
GithubExploit	Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure	8 Apr 202509:31	–	githubexploit
ATTACKERKB	CVE-2025-22457	3 Apr 202500:00	–	attackerkb
BDU FSTEC	The vulnerability of Ivanti Connect Secure, Ivanti Policy Secure, and ZTA Gateways’ network access control devices lies in buffer overflows in the stack, allowing attackers to execute arbitrary code.	4 Apr 202500:00	–	bdu_fstec
Circl	CVE-2025-22457	3 Apr 202514:22	–	circl
CISA KEV Catalog	Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability	4 Apr 202500:00	–	cisa_kev
CISA	CISA Adds One Vulnerability to the KEV Catalog	4 Apr 202512:00	–	cisa

NVD

Vulners

Node

ivanti connect_secureRange<22.7-

ivanti connect_secureMatch22.7-

ivanti connect_secureMatch22.7r1

ivanti connect_secureMatch22.7r1.1

ivanti connect_secureMatch22.7r1.2

ivanti connect_secureMatch22.7r1.3

ivanti connect_secureMatch22.7r1.4

ivanti connect_secureMatch22.7r1.5

ivanti connect_secureMatch22.7r2

ivanti connect_secureMatch22.7r2.1

ivanti connect_secureMatch22.7r2.2

ivanti connect_secureMatch22.7r2.3

ivanti connect_secureMatch22.7r2.4

ivanti connect_secureMatch22.7r2.5

ivanti policy_secureRange<22.7-

ivanti policy_secureMatch22.7-

ivanti policy_secureMatch22.7r1

ivanti policy_secureMatch22.7r1.1

ivanti policy_secureMatch22.7r1.2

ivanti policy_secureMatch22.7r1.3

ivanti zero_trust_access_gatewayRange<22.8

ivanti zero_trust_access_gatewayMatch22.8-

ivanti zero_trust_access_gatewayMatch22.8r2.1

[
  {
    "defaultStatus": "affected",
    "product": "Connect Secure",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "22.7R2.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "Policy Secure",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "22.7R1.4",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "Neurons for ZTA gateways",
    "vendor": "Ivanti",
    "versions": [
      {
        "status": "unaffected",
        "version": "22.8R2.2",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
forums	www.forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

Parameter	Position	Path	Description	CWE
type	query param	/dana-na/auth/url_admin/welcome.cgi	Product version check endpoint used to identify vulnerable version	CWE-787, CWE-121
X-Forwarded-For	header	/	Overflow trigger via X-Forwarded-For header used to spray/overflow heap and gain code execution	CWE-787, CWE-121

24 Oct 2025 14:29Current

8.5High risk

Vulners AI Score8.5

CVSS 3.19 - 9.8

EPSS0.55896

SSVC

cve-2025-22457 buffer overflow remote code execution ivanti connect secure ivanti policy secure ivanti zta gateways