CVE-2025-22457

ENISA EUVD: EUVD-2025-9646 ↗

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 5, 2026 5 articles Published: 2025-04-03

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

58.94%

probability

This CVE has a 58.94% probability of being exploited in the next 30 days.

0% Top 98.2th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

CRITICAL

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Description

VulnerabilityLookup (CNA)

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

Affected Products

Ivanti

Connect Secure

22.7R2.6

Ivanti

Policy Secure

22.7R1.4

Ivanti

Neurons for ZTA gateways

22.8R2.2

ivanti

connect secure

ivanti

policy secure

ivanti

zero trust access gateway

Ivanti

Neurons for ZTA gateways

patch: 22.8R2.2

Ivanti

Connect Secure

patch: 22.7R2.6

Ivanti

Policy Secure

patch: 22.7R1.4

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-121 · Stack-based Buffer Overflow CWE-664 · Improper Control of a Resource Through its Lifetime CWE-787 · Out-of-bounds Write CWE-788 · Access of Memory Past End of Buffer

Exploits & PoC

sfewer-r7/CVE-2025-22457

PoC for CVE-2025-22457 - A remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Sec

73 2025-04-25

securekomodo/CVE-2025-22457

CVE-2025-22457: Python Exploit POC Scanner to Detect Ivanti Connect Secure RCE

19 2025-04-17

Vinylrider/ivantiunlocker

Prevent CVE-2025-22457 and other security problems with Juniper/Ivanti Secure Connect SSL VPN

2 2025-04-13

TRone-ux/CVE-2025-22457

PoC CVE-2025-22457

1 2025-05-25

4 repos — triés par ⭐ Rechercher sur GitHub ↗

https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457

Signal Intelligence

Confidenceⓘ

92%

EPSS 58.94%

CVSS v3.1 9

Mentions 5

Last Seen Apr 03, 2025

CNA Information

CNA Assigner

ivanti

Analyst Note

CVE-2025-22457 is explicitly named as a zero-day in BleepingComputer reporting exploitation since mid-March 2025, with patching occurring in April 2025. Exploitation clearly preceded patch availability, meeting the critical zero-day criterion. CRITICAL CVSS score and recent publication timing support high confidence.