CVE-2025-22454

High

Published: 11 March 2025

Published

11 March 2025

Modified

16 July 2025

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0028 51.0th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Security Summary

CVE-2025-22454 involves insufficiently restrictive permissions in Ivanti Secure Access Client versions before 22.7R4. This vulnerability, mapped to CWE-732, enables local privilege escalation and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). It was published on 2025-03-11.

A local authenticated attacker with low privileges can exploit this issue with low complexity and no user interaction required. Successful exploitation allows the attacker to achieve high impacts on confidentiality, integrity, and availability, resulting in privilege escalation on the affected system.

Ivanti has issued a security advisory detailing the vulnerability, available at https://forums.ivanti.com/s/article/March-Security-Advisory-Ivanti-Secure-Access-Client-ISAC-CVE-2025-22454, which provides guidance on mitigation and patching.

Details

CWE(s): CWE-732

Affected Products

ivanti

secure access client

22.7 · ≤ 22.7

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

Vulnerability enables local privilege escalation via exploitation of weak permissions (CWE-732), directly matching T1068.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://forums.ivanti.com/s/article/March-Security-Advisory-Ivanti-Secure-Access-Client-ISAC-CVE-2025-22454
Vendor Advisory · 3c1d8aa1-5a33-4ea4-8992-aadd6440af75