Security News > 2025 > April > Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)

A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances running Ivanti Connect Secure (ICS) 22.7R2.5 or earlier or Pulse Connect Secure 9.1x. The vulnerability was patched by Ivanti in ICS 22.7R2.6, released on February 11, 2025. But, apparently, the threat actor studied the patch and “uncovered through a complicated process, [that] it was possible to exploit 22.7R2.5 and earlier … More → The post Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) appeared first on Help Net Security.
News URL
Related news
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) (source)
- Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)