Vulnerabilities > Ivanti > Neurons FOR Zero Trust Access > 22.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-03 | CVE-2025-22457 | Stack-based Buffer Overflow vulnerability in Ivanti products A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. | 9.8 |
| 2025-01-08 | CVE-2025-0283 | Out-of-bounds Write vulnerability in Ivanti Connect Secure 7.1/7.4 A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges. | 7.0 |
| 2024-01-31 | CVE-2024-21893 | Server-Side Request Forgery (SSRF) vulnerability in Ivanti Connect Secure and Policy Secure A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. | 8.2 |