CVE-2025-0283
Published: 08 January 2025
Description
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.
Security Summary
CVE-2025-0283 is a stack-based buffer overflow vulnerability, associated with CWE-121 (Stack-based Buffer Overflow) and CWE-787 (Out-of-bounds Write), affecting Ivanti Connect Secure versions prior to 22.7R2.5, Ivanti Policy Secure versions prior to 22.7R1.2, and Ivanti Neurons for ZTA gateways versions prior to 22.7R2.3. Published on January 8, 2025, it carries a CVSS v3.1 base score of 7.0 (AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high confidentiality, integrity, and availability impacts under specific local access conditions.
A local authenticated attacker with low privileges can exploit this vulnerability, although the attack complexity is rated high. Successful exploitation results in privilege escalation, giving the attacker elevated access on the affected system.
Ivanti has issued a security advisory detailing patches for this issue, available at https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283. Mitigation involves upgrading to Ivanti Connect Secure 22.7R2.5 or later, Ivanti Policy Secure 22.7R1.2 or later, and Ivanti Neurons for ZTA gateways 22.7R2.3 or later.
Details
- CWE(s)