CVE-2025-0283#

Statement on CVE-2025-0283 Ivanti Connect Secure Policy Secure & ZTA Gateways #

January 8, 2025

Information #

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.

Severity #

Low

Response #

Melissa Data Corporation (“Melissa”) was not impacted by the Ivanti vulnerabilities as we do not utilize Ivanti Connect Secure for any Melissa commercial web services or products.

CVE-2025-0283

Contents

CVE-2025-0283#

Statement on CVE-2025-0283 Ivanti Connect Secure Policy Secure & ZTA Gateways#

Information#

Severity#

Response#

Statement on CVE-2025-0283 Ivanti Connect Secure Policy Secure & ZTA Gateways #

Information #

Severity #

Response #