Ivanti Flaws Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks

Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure ICS appliances. According to a report published by JPCERT/CC today, the threat actors behind the...

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

PoC for CVE-2025-22457 A remote unauthenticated stack based b...

📄 Ivanti Connect Secure 22.7R2.5 Remote Code Execution

This Metasploit module exploits a stack-based buffer overflow vulnerability in Ivanti Connect Secure to achieve remote code execution CVE-2025-22457. Versions 22.7R2.5 and earlier are vulnerable. Note that Ivanti Pulse Connect Secure, Ivanti Policy Secure and ZTA gateways are also vulnerable but...

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

CVE-2025-22457 CVE-2025-22457: Python Exploit POC Scanner to D...

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

PoC exploit for CVE-2025-22457, a vulnerability in a Ruby applic...

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

ivantiunlocker Prevent CVE-2025-22457 and other security probl...

Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware

Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure product that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 CVSS score: 9.0, concerns a case of a stack-based buffer overflow that could be...

Ivanti Connect Secure CVE-2025-22457 exploited in the wild

On Thursday, April 3, 2025, Ivanti disclosed a critical severity vulnerability affecting Ivanti Connect Secure, Pulse Connect Secure, Policy Secure, and ZTA Gateways. CVE-2025-22457 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the...

CVE-2025-22457

CVE-2025-22457 is a stack-based buffer overflow in Ivanti Connect Secure family (affecting Ivanti Connect Secure prior to 22.7R2.6, Ivanti Policy Secure prior to 22.7R1.4, and Ivanti ZTA Gateways prior to 22.8R2.2) that enables remote code execution by a remote unauthenticated attacker. Affected ...

CVE-2025-22457

creationtimestamp| type| source ---|---|--- 2025-04-03 14:22:18+00:00| seen| https://bsky.app/profile/rcinghio.bsky.social/post/3llw3znpsvc2d 2025-04-03 14:24:04+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus9/2025 2025-04-03 14:38:36+00:00| seen|...

April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457)

This advisory has been updated to make it clear the vulnerability was fully patched in Ivanti Connect Secure released February 11, 2025. Update April 23, 2025: This advisory has been updated to reflect changes to the Ivanti Policy Secure Versioning and the affected release date. Update May 14,...

Security Bulletin: Security vulnerabilities have been fixed in IBM Security Verify Governance, Identity Manager virtual appliance component

Summary IBM Security Verify Governance, Identity Manager virtual appliance component has addressed the following vulnerabilities Vulnerability Details CVEID:CVE-2022-22457 DESCRIPTION: IBM Security Verify Governance stores sensitive information including user credentials in plain clear text which...

File Upload Vulnerability in Zhiyuan A6-V5 Collaboration Management Software (CNVD-2024-22457)

Zhiyuan A6-V5 collaborative management software is a set of new generation of large collaborative office management software that can help various enterprises and institutions, government agencies and social groups of single-type organizations to achieve batch delivery. A file upload vulnerabilit...

CVE-2024-22457

creationtimestamp| type| source ---|---|--- 2024-03-01 12:31:53+00:00| seen| https://t.me/ctinow/197553 2024-03-01 12:31:57+00:00| seen| https://t.me/ctinow/197557...

CVE-2024-22457

Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS to SCG update path. A remote low privileged attacker could potentially exploit this vulnerability, leading to impersonation of the server through presenting a fake self-signed certificate and...

CVE-2024-22457

CVE-2024-22457 affects Dell Secure Connect Gateway 5.20. The vulnerability arises in the SRS to SCG update path due to improper authentication, allowing a remote low-privileged attacker to impersonate the server by presenting a fake self-signed certificate when communicating with the remote serve...

CVE-2023-22457

creationtimestamp| type| source ---|---|--- 2023-01-04 18:18:11+00:00| seen| https://t.me/cibsecurity/55892 2025-03-10 21:39:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7060...

CVE-2023-22457 org.xwiki.contrib:application-ckeditor-ui vulnerable to Remote Code Execution via Cross-Site Request Forgery

CKEditor Integration UI adds support for editing wiki pages using CKEditor. Prior to versions 1.64.3,t he CKEditor.HTMLConverter document lacked a protection against Cross-Site Request Forgery CSRF, allowing to execute macros with the rights of the current user. If a privileged user with...

CVE-2023-22457

Summary: CVE-2023-22457 affects the CKEditor Integration UI (org.xwiki.contrib:application-ckeditor-ui) used with XWiki. Prior to version 1.64.3, the CKEditor.HTMLConverter document lacked CSRF protection, enabling a privileged user with programming rights to trigger a GET request that could exec...

CVE-2022-22457

creationtimestamp| type| source ---|---|--- 2022-12-23 00:14:08+00:00| seen| https://t.me/cibsecurity/55203...