CVE-2025-0282

ENISA EUVD: EUVD-2025-1580
Exploited in the Wild ✓ Confirmed 0-Day
Triaged: March 5, 2026 · 12 articles · Published: 2025-01-08

EPSS Score

Source: FIRST.org · 2026-05-23
This CVE has a 94.13% probability of being exploited in the next 30 days.
Top 99.9th percentile of all CVEs

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)
Score: 9 (CRITICAL)
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

Affected Products

Ivanti Connect Secure: 22.7R2 22.7R2.5
Ivanti Policy Secure: 22.7R1
Ivanti Neurons for ZTA gateways: 22.7R2 22.7R2.5

Attack Intelligence

Exploits & PoC

absholi7ly/CVE-2025-0282-Ivanti-exploit

CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit.

52 2025-01-11
sfewer-r7/CVE-2025-0282

PoC for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons

51 2025-01-16
watchtowrlabs/CVE-2025-0282

Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282)

31 2025-01-18
Hexastrike/Ivanti-Connect-Secure-Logs-Parser

A Python script for examining Ivanti Secure Connect (ICS) event logs, designed to support investigations into vulnerabilities CVE-2025-0282, CVE-2023-

5 2025-01-19
AnonStorks/CVE-2025-0282-Full-version

# CVE-2025-0282: Remote Code Execution Vulnerability in [StorkS]

4 2025-01-12
punitdarji/Ivanti-CVE-2025-0282

Ivanti Remote code execution

3 2025-03-10
almanatra/CVE-2025-0282

Exploit for CVE-2025-0282: A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neur

2 2025-01-22
AdaniKamal/CVE-2025-0282

Ivanti Connect Secure, Policy Secure & ZTA Gateways - CVE-2025-0282

2 2025-01-28
rxwx/pulse-meter

Parses the System Snapshot from an Ivanti Connect Secure appliance to identify possible IOCs related to CVE-2023-46805, CVE-2024-21887 and CVE-2025-0

1 2025-02-13
0 2025-06-07
10 repos, sorted by ⭐

Signal Intelligence

Confidence 95%
EPSS 94.13%
CVSS v3.1 9
Mentions 12
Last Seen Feb 27, 2026

CNA Information

CNA Assigner: ivanti

Analyst Note

CVE-2025-0282 is explicitly named as a zero-day in multiple authoritative sources (BleepingComputer) with documentation of active exploitation since mid-March 2025 and confirmed victim breaches (Nominet). The CVE was published 2025-01-08 with exploitation occurring prior to or contemporaneous with patch availability, meeting all zero-day criteria.

Threat Actors 35

Turla Group
apt_group Information theft and espionage Russian Federation
APT 29
apt_group Information theft and espionage 🇷🇺 RU
APT27
apt_group Information theft and espionage 🇨🇳 CN
Cobalt
apt_group Financial crime 🇷🇺 RU
APT 28
apt_group Information theft and espionage 🇷🇺 RU
Kimsuky
apt_group Information theft and espionage 🇰🇷 KR
Hacking Team
apt_group 🇮🇹 IT
Watchdog
apt_group 🇨🇳 CN
Tick
apt_group Information theft and espionage 🇨🇳 CN
ELECTRUM
apt_group Information theft and espionage 🇷🇺 RU
Infy
apt_group Information theft and espionage 🇮🇷 IR
Volt Typhoon
apt_group Information theft and espionage 🇨🇳 CN
GCHQ
apt_group Information theft and espionage 🇬🇧 GB
HAFNIUM
apt_group Information theft and espionage 🇨🇳 CN
UTA0178
apt_group Information theft and espionage 🇨🇳 CN
Returned Libra
apt_group 🇨🇳 CN
DragonRank
apt_group 🇨🇳 CN
APT 22
apt_group Information theft and espionage 🇨🇳 CN
Chimera
apt_group Information theft and espionage 🇨🇳 CN
Flax Typhoon
apt_group Information theft and espionage 🇨🇳 CN
Rocke
apt_group 🇨🇳 CN
APT 6
apt_group Information theft and espionage 🇨🇳 CN
MirrorFace
apt_group 🇨🇳 CN
Red Dev 17
apt_group 🇨🇳 CN
Circles
apt_group Global
Pat Bear
apt_group 🇸🇾 SY
Madi
apt_group Information theft and espionage 🇮🇷 IR
Shadow Network
apt_group Information theft and espionage 🇨🇳 CN
Mana Team
apt_group 🇨🇳 CN
UNC5337
apt_group 🇨🇳 CN
Natohub
apt_group 🇪🇸 ES
Velvet Ant
apt_group Information theft and espionage 🇨🇳 CN
APT 5
apt_group Information theft and espionage 🇨🇳 CN
Cyber Alliance
apt_group 🇺🇦 UA
Beijing Group
apt_group Information theft and espionage 🇨🇳 CN

Triage Info

Decided at: Mar 05, 2026
Published Date: Jan 08, 2025