Lucene search
K

11 matches found

The Hacker News
The Hacker News
added 2025/07/18 6:13 p.m.24 views

Ivanti Flaws Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks

Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure ICS appliances. According to a report published by JPCERT/CC today, the threat actors behind the...

9.8CVSS8.8AI score0.99973EPSS
Exploits19
GithubExploit
GithubExploit
added 2025/05/25 10:52 p.m.303 views

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

PoC for CVE-2025-22457 A remote unauthenticated stack based b...

9.8CVSS9.8AI score0.99973EPSS
Exploits7
Packet Storm
Packet Storm
added 2025/05/16 12:0 a.m.220 views

📄 Ivanti Connect Secure 22.7R2.5 Remote Code Execution

This Metasploit module exploits a stack-based buffer overflow vulnerability in Ivanti Connect Secure to achieve remote code execution CVE-2025-22457. Versions 22.7R2.5 and earlier are vulnerable. Note that Ivanti Pulse Connect Secure, Ivanti Policy Secure and ZTA gateways are also vulnerable but...

9.8CVSS7.9AI score0.99973EPSS
Exploits19
GithubExploit
GithubExploit
added 2025/04/10 3:27 a.m.500 views

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

CVE-2025-22457 CVE-2025-22457: Python Exploit POC Scanner to D...

9.8CVSS9.9AI score0.99973EPSS
Exploits7
GithubExploit
GithubExploit
added 2025/04/09 2:39 p.m.293 views

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

PoC exploit for CVE-2025-22457, a vulnerability in a Ruby applic...

9.8CVSS10AI score0.99973EPSS
Exploits7
GithubExploit
GithubExploit
added 2025/04/08 9:31 a.m.216 views

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

ivantiunlocker Prevent CVE-2025-22457 and other security probl...

9.8CVSS7.2AI score0.99973EPSS
Exploits7
The Hacker News
The Hacker News
added 2025/04/04 6:7 a.m.28 views

Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware

Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure product that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 CVSS score: 9.0, concerns a case of a stack-based buffer overflow that could be...

9.9CVSS9.2AI score0.99999EPSS
Exploits22
Rapid7 Blog
Rapid7 Blog
added 2025/04/03 6:50 p.m.45 views

Ivanti Connect Secure CVE-2025-22457 exploited in the wild

On Thursday, April 3, 2025, Ivanti disclosed a critical severity vulnerability affecting Ivanti Connect Secure, Pulse Connect Secure, Policy Secure, and ZTA Gateways. CVE-2025-22457 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the...

9.8CVSS9.9AI score0.99973EPSS
Exploits7
CVE
CVE
added 2025/04/03 3:20 p.m.660 views

CVE-2025-22457

CVE-2025-22457 is a stack-based buffer overflow in Ivanti Connect Secure family (affecting Ivanti Connect Secure prior to 22.7R2.6, Ivanti Policy Secure prior to 22.7R1.4, and Ivanti ZTA Gateways prior to 22.8R2.2) that enables remote code execution by a remote unauthenticated attacker. Affected ...

9.8CVSS8.5AI score0.99973EPSS
In wildExploits7References2Affected Software3
Circl
Circl
added 2025/04/03 2:22 p.m.25 views

CVE-2025-22457

creationtimestamp| type| source ---|---|--- 2025-04-03 14:22:18+00:00| seen| https://bsky.app/profile/rcinghio.bsky.social/post/3llw3znpsvc2d 2025-04-03 14:24:04+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus9/2025 2025-04-03 14:38:36+00:00| seen|...

9.8CVSS7.5AI score0.99973EPSS
Exploits7References220
Ivanti
Ivanti
added 2025/04/03 1:53 p.m.43 views

April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457)

This advisory has been updated to make it clear the vulnerability was fully patched in Ivanti Connect Secure released February 11, 2025. Update April 23, 2025: This advisory has been updated to reflect changes to the Ivanti Policy Secure Versioning and the affected release date. Update May 14,...

9.8CVSS10AI score0.99973EPSS
Exploits7
Rows per page
Query Builder