Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Neurons for ZTA gateways

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-22457
Assigner-Ivanti
ShareView Details
Assigner-Ivanti
CVSS Score-9||CRITICAL
EPSS-33.51% / 96.78%
||
7 Day CHG-4.99%
Published-03 Apr, 2025 | 15:20
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-04-11||Apply mitigations as set forth in the CISA instructions linked below.

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-connect_securepolicy_secureneurons_for_zero-trust_accessConnect SecurePolicy SecureNeurons for ZTA gatewaysConnect Secure, Policy Secure, and ZTA Gateways
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0283
Assigner-Ivanti
ShareView Details
Assigner-Ivanti
CVSS Score-7||HIGH
EPSS-0.08% / 24.35%
||
7 Day CHG~0.00%
Published-08 Jan, 2025 | 22:15
Updated-14 Jan, 2025 | 15:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

Action-Not Available
Vendor-Ivanti Software
Product-connect_securepolicy_secureneurons_for_zero-trust_accessPolicy SecureNeurons for ZTA gatewaysConnect Secure
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0282
Assigner-Ivanti
ShareView Details
Assigner-Ivanti
CVSS Score-9||CRITICAL
EPSS-93.26% / 99.80%
||
7 Day CHG+0.02%
Published-08 Jan, 2025 | 22:15
Updated-30 Jul, 2025 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-01-15||Apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service.

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

Action-Not Available
Vendor-Ivanti Software
Product-connect_secureneurons_for_zero-trust_accesspolicy_secureConnect SecurePolicy SecureNeurons for ZTA gatewaysConnect Secure, Policy Secure, and ZTA Gateways
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write