CVE-2025-55145

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker to hijack existing HTML5...

CVE-2025-55145

CVE-2025-55145 describes a missing authorization flaw in Ivanti Connect Secure (ICS), Ivanti Policy Secure, Ivanti ZTA Gateway, and Ivanti Neurons for Secure Access that allows a remote authenticated attacker to hijack existing HTML5 connections. Affected versions include ICS <= 22.7R2.9 and &...

CVE-2025-55145

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker to hijack existing HTML5...

PT-2025-36748

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.9 Ivanti Policy Secure versions prior to 22.7R1.6 Ivanti ZTA Gateway versions prior to 2.8R2.3-723 Ivanti Neurons for Secure Access versions prior to 22.8R1.4 Description: A missing authorization...

How to Enable HTML5 Connections to Provisioning Services Based Catalogs

Enabling connections from Receiver for HTML5 to desktops deployed using Provisioning Services. Background Enabling connections from Receiver for HTML5 to desktops in Provisioning Services PVS based catalogs might require additional steps to complete depending on the persistence of the write cache...