Ivanti security advisory (AV25-008) – Canadian Centre for Cyber Security

Serial number: AV25-008
Date: January 8, 2025

On January 8, 2025, Ivanti published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Ivanti Connect Secure – versions prior to 22.7R2.5 and versions 9.1R18.9 and prior
Ivanti Policy Secure – versions prior to 22.7R1.2
Ivanti Neurons for ZTA Gateways – versions prior to 22.7R2.3

Exploitation of this vulnerability could allow an unauthenticated actor to execute remote code.

Ivanti has reported that vulnerability CVE-2025-0282 has been exploited.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

This alert was originated From: Canadian Centre for Cyber Security

https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av25-008

Cybersecurity

CISA Advisory: CISA, US, and International Partners Release Joint Guidance to Assist Software Manufacturers with Safe Software Deployment Processes

Ricardo Alonso
October 26, 2024
1 min read
0

This alert was originated from: Cybersecurity & Infrastructure Security Agency ( CISA ) Today, CISA—along with U.S. and international partners—released […]