11 matches found
Ivanti Flaws Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure ICS appliances. According to a report published by JPCERT/CC today, the threat actors behind the...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
PoC for CVE-2025-22457 A remote unauthenticated stack based b...
📄 Ivanti Connect Secure 22.7R2.5 Remote Code Execution
This Metasploit module exploits a stack-based buffer overflow vulnerability in Ivanti Connect Secure to achieve remote code execution CVE-2025-22457. Versions 22.7R2.5 and earlier are vulnerable. Note that Ivanti Pulse Connect Secure, Ivanti Policy Secure and ZTA gateways are also vulnerable but...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
CVE-2025-22457 CVE-2025-22457: Python Exploit POC Scanner to D...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
PoC exploit for CVE-2025-22457, a vulnerability in a Ruby applic...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
ivantiunlocker Prevent CVE-2025-22457 and other security probl...
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure product that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 CVSS score: 9.0, concerns a case of a stack-based buffer overflow that could be...
Ivanti Connect Secure CVE-2025-22457 exploited in the wild
On Thursday, April 3, 2025, Ivanti disclosed a critical severity vulnerability affecting Ivanti Connect Secure, Pulse Connect Secure, Policy Secure, and ZTA Gateways. CVE-2025-22457 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the...
CVE-2025-22457
CVE-2025-22457 is a stack-based buffer overflow in Ivanti Connect Secure family (affecting Ivanti Connect Secure prior to 22.7R2.6, Ivanti Policy Secure prior to 22.7R1.4, and Ivanti ZTA Gateways prior to 22.8R2.2) that enables remote code execution by a remote unauthenticated attacker. Affected ...
CVE-2025-22457
creationtimestamp| type| source ---|---|--- 2025-04-03 14:22:18+00:00| seen| https://bsky.app/profile/rcinghio.bsky.social/post/3llw3znpsvc2d 2025-04-03 14:24:04+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus9/2025 2025-04-03 14:38:36+00:00| seen|...
April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457)
This advisory has been updated to make it clear the vulnerability was fully patched in Ivanti Connect Secure released February 11, 2025. Update April 23, 2025: This advisory has been updated to reflect changes to the Ivanti Policy Secure Versioning and the affected release date. Update May 14,...