
Ivanti Connect Secure & Policy Secure Flaws Expose Systems to DoS Attacks

Ivanti has released a critical security advisory addressing several medium-severity vulnerabilities in its flagship products, Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS).

The vulnerabilities, identified by multiple CVEs, affect versions of ICS before 22.7R2.8 and IPS before 22.7R1.5.

According to Ivanti, there is no evidence of active exploitation in the wild at the time of disclosure.

Administrators are strongly urged to update to the latest versions—ICS 22.7R2.8 and IPS 22.7R1.5—available through the official Ivanti download portal.

The fixes are not backported to legacy 9.x versions, which have reached end-of-support as of December 31, 2024.

Vulnerabilities and Impact

The advisory details six distinct vulnerabilities, each with unique technical characteristics and potential impact:

  • CVE-2025-5450 (CWE-602, CVSS 6.3): Improper access control in certificate management; allows read-only admins to modify restricted settings.
  • CVE-2025-5451 (CWE-121, CVSS 4.9): Stack-based buffer overflow; enables denial of service by remote authenticated admins.
  • CVE-2025-5463 (CWE-532, CVSS 5.5): Insertion of sensitive information into log files; local attackers may access confidential data.
  • CVE-2025-5464 (CWE-532, CVSS 6.5): Similar log file information leak, specific to ICS.
  • CVE-2025-0293 (CWE-93, CVSS 6.6): CRLF injection; allows a remote admin to write to protected configuration files.
  • CVE-2025-0292 (CWE-918, CVSS 5.5): Server-Side Request Forgery (SSRF); a remote admin can access internal network services.

Technical Terms Explained:

  • CVE (Common Vulnerabilities and Exposures): Standardized identifier for publicly known cybersecurity vulnerabilities.
  • CWE (Common Weakness Enumeration): Categorizes software weaknesses, such as CWE-121 (Stack-based Buffer Overflow).
  • CVSS (Common Vulnerability Scoring System): Rates the severity of vulnerabilities; scores here range from 4.9 to 6.6 (medium).

Example of CVSS Vector (for CVE-2025-5450):

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

This indicates a network attack vector (AV:N), low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), unchanged scope (S:U), and low impact on confidentiality, integrity, and availability (C:L/I:L/A:L).

Patch Guidance and Product Lifecycle

Affected Versions:

  • Ivanti Connect Secure: 22.7R2.7 and prior
  • Ivanti Policy Secure: 22.7R1.4 and prior

Resolved Versions:

  • ICS: 22.7R2.8
  • IPS: 22.7R1.5

Customers are strongly encouraged to upgrade to the latest supported versions to maintain protection against these vulnerabilities.
