Ivanti is under fire again, as The Register reports on two new vulnerabilities, one of which was already being exploited as a zero-day.It's been less than a year since the last high-profile security incident involving Ivanti, and now, two new flaws need to be patched -- and fast. The Register says:The two issues aren't believed to be chained in the attacks; Ivanti said CVE-2025-0282 is the exploited zero-day, and they just happened to find CVE-2025-0283 during the threat-hunting phase and decided to include it in the advisory.Connect Secure and Policy Secure, closely followed by ZTA Gateways – the subjects of last year's infamous flaws – are again involved here. Be careful out there!Now, here's today's MSSP update. Drop me a line at [email protected] if you have news to share or want to say hi!
- CVE-2025-0282 (9.0 severity – critical): The worst of the two vulnerabilities is a stack-based buffer overflow bug leading to unauthenticated remote code execution. This vuln was already exploited, affecting Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3.
- CVE-2025-0283 (7.0 severity – high): The less-serious-but-still-pretty-serious vuln is another stack-based buffer overflow leading to privilege escalation for locally authenticated attackers. The same products and versions are affected, according to the report.



