Found 2 bookmarks
Custom sorting
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
Zero-day exploitation of Ivanti Connect Secure VPN vulnerabilities since as far back as December 2024. On Wednesday, Jan. 8, 2025, Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, impacting Ivanti Connect Secure (“ICS”) VPN appliances. Mandiant has identified zero-day exploitation of CVE-2025-0282 in the wild beginning mid-December 2024. CVE-2025-0282 is an unauthenticated stack-based buffer overflow. Successful exploitation could result in unauthenticated remote code execution, leading to potential downstream compromise of a victim network.
#Mandiant#EN#2025#CVE-2025-0282#CVE-2025-0283#IoC#exploitation#analysis#postexploitation#Ivanti
·cloud.google.com·
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog
On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is a stack-based buffer overflow that allows local authenticated attackers to escalate privileges on the device.
#rapid7#EN#2025#CVE-2025-0282#zero-day#Ivanti#CVE-2025-0283#ZTA#gateways
·rapid7.com·
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog