How to fix CVE-2025-0282?

Within 24 hours: Identify all affected systems running Ivanti Connect Secure and apply vendor patches immediately. If patching is delayed, consider network segmentation to limit exposure.

Is Stack Overflow affected by CVE-2025-0282?

Organizations using Ivanti Connect Secure face critical risk from CVE-2025-0282, a stack-based buffer overflow vulnerability rated CVSS 9.0. Exploitation could allow attackers to corrupt memory, crash the application, or potentially execute arbitrary code.

CVE-2025-0282

CRITICAL

2025-01-08 3c1d8aa1-5a33-4ea4-8992-aadd6440af75

9.0

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:02 vuln.today

Added to CISA KEV

Oct 24, 2025 - 13:54 cisa

CISA KEV

PoC Detected

Oct 24, 2025 - 13:54 vuln.today

Public exploit code

CVE Published

Jan 08, 2025 - 23:15 nvd

CRITICAL 9.0

Description

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

Analysis

Ivanti Connect Secure, Policy Secure, and Neurons for ZTA contain a stack-based buffer overflow allowing unauthenticated remote code execution, the second major Ivanti VPN zero-day in twelve months.

Technical Context

The CWE-121 stack-based buffer overflow in the VPN appliance's request processing allows unauthenticated attackers to overwrite the stack and achieve code execution. The direct memory corruption attack doesn't require authentication or chaining with other vulnerabilities.

Affected Products

['Ivanti Connect Secure before 22.7R2.5', 'Ivanti Policy Secure before 22.7R1.2', 'Ivanti Neurons for ZTA gateways before 22.7R2.3']

Remediation

Apply Ivanti security updates. Consider migrating to alternative VPN solutions given the repeated critical vulnerabilities. Factory reset before patching. Rotate all credentials.

Priority Score

209

Low Medium High Critical

KEV: +50

EPSS: +94.1

CVSS: +45

POC: +20

CVE-2025-0282 vulnerability details – vuln.today

Back

CVE-2025-0282

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-0282

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code