Cyber Posture

CVE-2025-22467

Severity: Critical

Published: 11 February 2025
Modified: 20 February 2025
KEV Added:
Patch:
CVSS Score: 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.4798 (97.7th percentile)
Risk Priority: 49 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution.

Security Summary

CVE-2025-22467 is a stack-based buffer overflow vulnerability, classified under CWE-121, affecting Ivanti Connect Secure versions prior to 22.7R2.6. Published on 2025-02-11, the flaw enables remote code execution when exploited.

A remote authenticated attacker with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). Exploitation achieves high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) with a scope change (S:C), resulting in remote code execution on the targeted system. The vulnerability carries a CVSS v3.1 base score of 9.9.

Ivanti's February Security Advisory addresses this CVE alongside others in Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Secure Access Client, available at https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs. Mitigation requires upgrading to version 22.7R2.6 or later.

Details

CWE(s): CWE-121

Affected Products

Vendor: ivanti
Product: connect secure
Version: 22.7 (≤ 22.7)

References