AI description
CVE-2025-22467 is a stack-based buffer overflow vulnerability found in Ivanti Connect Secure versions prior to 22.7R2.6. This vulnerability allows a remote, authenticated attacker to execute arbitrary code. Notably, administrative privileges are not required to exploit this vulnerability. This vulnerability affects the confidentiality, integrity, and availability of systems using the affected versions of Ivanti Connect Secure. Ivanti has released version 22.7R2.6 to address this vulnerability, and users are strongly encouraged to update to this version as soon as possible. As of February 13, 2025, there is no evidence of public exploit code existing for this vulnerability.
- Description
- A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- CWE-121
- Hype score
- Not currently trending
🚨 ALERTĂ – Vulnerabilități critice în Ivanti 👀 🔓 Ivanti Connect Secure, Policy Secure și Endpoint Manager sunt afectate de vulnerabilități grave (CVE-2024-38657, CVE-2024-13159 și CVE-2025-22467), ce permit acces neautorizat, modificare de fișiere și execuție de cod malițios.
@DNSC_RO
3 Mar 2025
132 Impressions
3 Retweets
1 Like
2 Bookmarks
1 Reply
0 Quotes
パッチ未適用でCVE-2025-22467に脆弱なIvanti Connect Secure機器2,850台以上が公開されている。Shadowserver Foundation報告。上位国は米国(852台)と日本(384台)。CVE-2025-22467はSSL-VPNの脆弱性で遠隔コード実行が可能。 https://t.co/U633nFJgeu
@__kokumoto
26 Feb 2025
1388 Impressions
3 Retweets
11 Likes
7 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Ivanti Connect Secure Remote Code Execution Vulnerability 📅 Timeline: Disclosure: 2025-02-11, Patch: Ivanti Connect Secure 22.7R2.6 📌 Attribution: Unknown 🆔 CVE ID: CVE-2025-22467 📊 Base Score: 9.9 (Critical) 📏 CVSS Metrics:… https://t.co/FU
@syedaquib77
26 Feb 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We started scanning & reporting out Ivanti Connect Secure CVE-2025-22467 vulnerable (unpatched) instances in our daily feeds. ~2850 IP seen unpatched worldwide in our daily scans. Top affected: US (852) & Japan (384) Dashboard world map view: https://t.co/Da4ekpkJbG ht
@Shadowserver
25 Feb 2025
3874 Impressions
12 Retweets
34 Likes
5 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-22467
@transilienceai
19 Feb 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-22467
@transilienceai
18 Feb 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-22467
@transilienceai
17 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-22467
@transilienceai
15 Feb 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Alert📷 CVE-2025-22467 (CVSS 9.9): Ivanti Connect Secure Vulnerability Allows Remote Code Execution 📷https://t.co/9IsyvcJRT2 yearly. 📷Hunter Link:https://t.co/npvmvSj4YO… 📷Query HUNTER : ="Ivanti Connect Secure"
@JohnGerhar76023
15 Feb 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Ivanti disclosed 10 vulnerabilities on Feb 11, 2025, including 4 critical ones with CVSS scores of 9.1+. Notably, CVE-2025-22467 allows remote code execution. Patch ASAP! #Ivanti #RemoteAccess #USA link: https://t.co/KISE4F5DJ4 https://t.co/mI9LZKDT4q
@TweetThreatNews
15 Feb 2025
34 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-22467
@transilienceai
15 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-22467
@transilienceai
14 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Alert🚨 CVE-2025-22467 (CVSS 9.9): Ivanti Connect Secure Vulnerability Allows Remote Code Execution 📊 3.2M+Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/PWBEkvpQU0 👇Query HUNTER : https://t.co/q9rtuGfZuz="Ivanti Connect Secure" FOFA :…
@HunterMapping
14 Feb 2025
1400 Impressions
4 Retweets
22 Likes
9 Bookmarks
0 Replies
0 Quotes
🚨 Critical security flaws discovered in Ivanti products could allow attackers to execute arbitrary code remotely. The vulnerabilities (CVE-2024-38657, CVE-2025-22467, CVE-2024-10644, and CVE-2024-47908) impact Ivanti Connect Secure, Policy Secure, and Cloud Services… https://t.
@achi_tech
13 Feb 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-22467
@transilienceai
13 Feb 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Ivanti Connect Secureに深刻な脆弱性(CVE-2025-22467) #セキュリティ対策Lab #セキュリティ https://t.co/gqtJsMw2cy
@securityLab_jp
13 Feb 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ivanti Patches Critical Security Flaws! Ivanti issued urgent fixes for Connect Secure, Policy Secure, & Cloud Services to address critical RCE vulnerabilities (CVE-2025-22467, CVE-2024-38657) ⚠️ No exploits detected yet, but patch immediately! Meanwhile, SonicWall & Fo
@dCypherIO
12 Feb 2025
108 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22467: RCE in Ivanti Connect Secure, 9.9 rating 🔥🔥🔥 Stack-based buffer overflow in Ivanti Connect Secure allows a remote attacker to achieve RCE. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/zUDBHdbYAC #cybersecurity #vulnerability_map #ivanti https://t
@Netlas_io
12 Feb 2025
837 Impressions
4 Retweets
13 Likes
5 Bookmarks
0 Replies
0 Quotes
🚨 Critical security flaws discovered in Ivanti products could allow attackers to execute arbitrary code remotely. The vulnerabilities (CVE-2024-38657, CVE-2025-22467, CVE-2024-10644, and CVE-2024-47908) impact Ivanti Connect Secure, Policy Secure, and Cloud Services… https://t.
@TheHackersNews
12 Feb 2025
16353 Impressions
62 Retweets
128 Likes
15 Bookmarks
2 Replies
3 Quotes
CVE-2025-22467 (CVSS 9.9): Ivanti Connect Secure Vulnerability Allows Remote Code Execution Stay protected from the CVE-2025-22467 vulnerability in Ivanti Connect Secure. Learn how to update your system and mitigate potential risks. https://t.co/7upKFknLQI
@the_yellow_fall
12 Feb 2025
1111 Impressions
1 Retweet
14 Likes
1 Bookmark
0 Replies
1 Quote
🚨 CVE-2025-22467 ⚠️🔴 CRITICAL (9.9) 🏢 Ivanti - Connect Secure 🏗️ 22.7R2.6 🔗 https://t.co/kxEDS8mT9E #CyberCron #VulnAlert https://t.co/mMxvB29Bqf
@cybercronai
11 Feb 2025
93 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
CVE-2025-22467 A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution. https://t.co/PE9zUtuVVK
@CVEnew
11 Feb 2025
234 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-22467: CRITICAL] A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution.#cybersecurity,#vulnerability https://t.co/LA9FehzHqu https://t.co/Q5yFm1WEQC
@CveFindCom
11 Feb 2025
109 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82432B1B-F50E-4D85-B4B5-6C91923F1BF9",
"versionEndIncluding": "22.7"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2927A40D-E8A3-4DB6-9C93-04A6C6035C3D"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1399BBB4-E62B-4FF6-B9E3-6AAC68D4D583"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1EAD1423-4477-4C35-BF93-697A2C0697C6"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "858353BC-12CB-4014-BFCA-DA7B1B3DD4B9"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "865F72BF-57B2-4B0C-BACE-3500E0AE6751"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r1.5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39E11407-E0C0-454F-B731-7DA4CBC696EB"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "247E71F8-A03B-4097-B7BF-09F8BF3ED4D6"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0059C69-4A18-4153-9D9A-5C1B03AD1453"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC523C88-115E-4CD9-A8CB-AE6E6610F7D4"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3447428E-DBCD-4553-B51D-AC08ECAFD881"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A08BAF98-7F05-4596-8BFC-91F1A79D3BD1"
},
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:22.7:r2.5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40717D97-A062-49C4-B105-C22AAC3A206A"
}
],
"operator": "OR"
}
]
}
]