What is the CVSS score of CVE-2025-0282?

CVE-2025-0282 has a CVSS 3.1 base score of 9.0 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 94.1%.

Which versions of Connect Secure are affected by CVE-2025-0282?

Organizations using Ivanti Connect Secure face critical risk from CVE-2025-0282, a stack-based buffer overflow vulnerability rated CVSS 9.0.

Is there a public PoC exploit available for CVE-2025-0282?

Yes, a public proof-of-concept exploit is available for CVE-2025-0282. Prioritise patching immediately. EPSS: 94.1%.

How to fix or mitigate CVE-2025-0282?

Within 24 hours: Identify all affected systems running Ivanti Connect Secure and apply vendor patches immediately. If patching is delayed, consider network segmentation to limit exposure.

Connect Secure CVE-2025-0282

CRITICAL

Stack-based Buffer Overflow (CWE-121)

2025-01-08 3c1d8aa1-5a33-4ea4-8992-aadd6440af75

RCE Buffer Overflow Stack Overflow Ivanti Connect Secure Policy Secure Neurons For Zero Trust Access

9.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:02 vuln.today

Added to CISA KEV

Oct 24, 2025 - 13:54 cisa

CISA KEV

PoC Detected

Oct 24, 2025 - 13:54 vuln.today

Public exploit code

CVE Published

Jan 08, 2025 - 23:15 nvd

CRITICAL 9.0

DescriptionNVD

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

AnalysisAI

Ivanti Connect Secure, Policy Secure, and Neurons for ZTA contain a stack-based buffer overflow allowing unauthenticated remote code execution, the second major Ivanti VPN zero-day in twelve months.

Technical ContextAI

The CWE-121 stack-based buffer overflow in the VPN appliance's request processing allows unauthenticated attackers to overwrite the stack and achieve code execution. The direct memory corruption attack doesn't require authentication or chaining with other vulnerabilities.

RemediationAI

Apply Ivanti security updates. Consider migrating to alternative VPN solutions given the repeated critical vulnerabilities. Factory reset before patching. Rotate all credentials.