Published on: 07 April 2025
Ivanti has released security advisories to address the vulnerability in Ivanti products. Detailed information about the vulnerability can be found at:
https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457
Reports indicated that the remote code execution vulnerability (CVE-2025-22457) in Ivanti Connect Secure is being exploited in the wild. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.
Please note that End-Of-Life (EOL) versions of Pulse Connect Secure are also vulnerable with no security updates provided. System administrators should arrange to upgrade the unsupported and EOL versions to supported versions or migrate to other supported technology.
For detailed information of the affected systems, please refer to the corresponding security advisory at vendor's website.
Successful exploitation of the vulnerability could lead to remote code execution on an affected system.
Patches for affected systems are available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.