First published: 09 Jan 2025
Last updated: 09 Jan 2025

Content written for

Small & medium business
Large organisations & infrastructure
Government

This alert is relevant to Australian organisations that use Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways. This alert is intended to be understood by technical users.

Customers are encouraged to patch to the latest version of Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways, where available, and to apply the advice detailed in Ivanti’s Security Advisory.

Background / What has happened?

  • Ivanti has published a security advisory detailing two stack-based buffer overflow vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways.
  • CVE-2025-0282 – A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.3, and Ivanti Neurons for ZTA Gateways before version 22.7R2.4 allows a remote unauthenticated attacker to achieve remote code execution.
  • CVE-2025-0283 – A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA Gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

Ivanti has identified active exploitation of CVE-2025-0282.

ASD’s ACSC has previously released a joint advisory relating to threat actors’ exploitation of Ivanti Connect Secure and Policy Secure Gateways:

Affected versions / applications:

CVE-2025-0282:

  • Ivanti Connect Secure 22.7R2 through 22.7R2.4
  • Ivanti Policy Secure 22.7R1 through 22.7R1.2
  • Ivanti Neurons for ZTA 22.7R2 through 22.7R2.3

CVE-2025-0283:

  • Ivanti Connect Secure 22.7R2.4 and prior, 9.1R18.9 and prior
  • Ivanti Policy Secure 22.7R1.2 and prior
  • Ivanti Neurons for ZTA 22.7R2.3 and prior

Mitigation / How do I stay secure?

The ASD’s ACSC recommends businesses, organisations and government entities:

  • Follow Ivanti’s published advice to detect and remediate affected products.
  • Patch to the latest version of affected products, where available.
    • Ivanti Connect Secure version 22.7R2.5 or later available now.
    • Ivanti Policy Secure – monitor Ivanti’s security advisory for availability. Ivanti advises that this product should not be exposed to the internet.
    • Ivanti Neurons for ZTA gateways – monitor Ivanti’s security advisory for availability. If a gateway for this solution is generated and left unconnected to a ZTA controller, then there is a risk of exploitation.
  • Monitor and investigate for suspicious activity in connected environments.

Further information and details can be found in Ivanti’s security advisory: Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283)

Assistance / Where can I go for help?

Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).
