15 matches found
Ivanti Flaws Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure ICS appliances. According to a report published by JPCERT/CC today, the threat actors behind the...
Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways
Updated April 8, 2025 CISA updated these mitigations based on identification of a new malware variant called RESURGE that could undermine the effectiveness of the mitigations previously provided. For more information on RESURGE, see MAR-25993211.R1.V1.CLEAR and CISA Releases Malware Analysis Repo...
CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure
CISA has published a Malware Analysis Report MAR with analysis and associated detection signatures on a new malware variant CISA has identified as RESURGE. RESURGE contains capabilities of the SPAWNCHIMERA1link is external malware variant, including surviving reboots; however, RESURGE contains...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
Ivanti-CVE-2025-0282...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
PoC for CVE-2025-0282 Remote Unauthenticated Stack Buffer O...
Vulnerabilities fixed in Ivanti Connect Secure and Policy Secure
Ivanti has fixed vulnerabilities in Connect Secure and Policy Secure. The first vulnerability CVE-2025-0282 can be exploited by malicious parties to execute arbitrary code remotely without authentication. The second vulnerability CVE-2025-0283 can be exploited by a locally authenticated malicious...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
PoC exploit for CVE-2025-0282, a remote unauthenticated stack-ba...
Ivanti Buffer Overflow Proof of Concept Exploit
Proof of concept exploit for CVE-2025-0282, a remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways. PoC for CVE-2025-0282, a remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure,...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
CVE-2025-0282-Ivanti-exploit CVE-2025-0282 is a critical vulne...
CVE-2025-0282 and CVE-2025-0283: Critical Ivanti 0days Exploited in the Wild
Detect and mitigate CVE-2025-0282, a critical RCE vulnerability in Ivanti Connect Secure and CVE-2025-0283, exploited as 0day vulnerabilities in the wild. Organizations should patch urgently...
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 CVSS score: 9.0, a stack-based buffer overflow that...
CVE-2025-0282
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution...
CVE-2025-0282
creationtimestamp| type| source ---|---|--- 2025-01-08 17:04:23+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113793817841894943 2025-01-08 17:49:21+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113793994593261539 2025-01-08 17:54:03+00:00| seen|...
Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283)
Update: 21 Jan 2025 Patch Now Available for IPS & ZTA Gateways Summary: Ivanti has released an update that addresses one critical and one high vulnerability in Ivanti Connect Secure, Policy Secure and ZTA Gateways. Successful exploitation of CVE-2025-0282 could lead to unauthenticated remote code...
Ivanti Policy Secure 22.7R1 <= 22.7R1.2 Remote Code Execution (CVE-2025-0282)
The version of Ivanti Policy Secure installed on the remote host is 22.7R1 prior or equal to 22.7R1.2 Build 1485. It is, therefore, affected by a remote code execution vulnerability: - A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before...