Summary
- Critical vulnerability in Pulse/Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457).
- Ivanti have released information regarding active exploitation of a critical vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457).
- ASD’s ACSC recommends customers follow the advice contained in Ivanti’s Security Advisory and assess their environments for malicious activity.
- This Alert is relevant to Australian Organisations who utilise Ivanti products. This alert is intended to be understood by technical users.
Background / What’s happened?
- Ivanti has released information regarding a critical unauthenticated buffer overflow vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457)
- Ivanti has observed active exploitation associated with this vulnerability.
- Affected products include:
- Pulse Connect Secure 9.1.X
- Ivanti Connect Secure (version 22.7R2.5 and earlier)
- Ivanti Policy Secure
- Neurons for ZTA gateways
- Pulse Connect Secure 9.1X is end of support as of 31 December 2024.
Mitigation / How do I stay secure?
- The ASD’s ACSC recommends businesses, organisations and government entities:
- For additional information, please refer to Mandiant’s related threat intelligence report.
- Follow Ivanti’s Security Advice for affected products.
- Ensure affected products are updated to patched versions that address this vulnerability.
- Ensure affected devices are configured in line with Ivaniti’s guidance to mitigate exploitation.
- Investigate for potential compromise of these products.
- Monitor and investigate for suspicious activity in connected environments.