
Ivanti Connect Secure, Policy Secure, and ZTA Vulnerabilities Allow Attackers to Launch DoS Attacks

Ivanti has released security updates for multiple high- and medium-severity vulnerabilities in its Connect Secure, Policy Secure, and Zero Trust Access (ZTA) Gateway products. The vulnerabilities, found through internal assessments and responsible disclosure programs, include flaws that allow remote, unauthenticated attackers to cause a denial of service (DoS). At the time of disclosure, Ivanti had not observed exploitation of any of them. Key takeaways: the advisory covers four vulnerabilities, two of which enable unauthenticated remote DoS; Connect Secure, Policy Secure, and ZTA Gateway should be updated promptly; and on-premise deployments must be updated manually.

The security advisory details four distinct Common Vulnerabilities and Exposures (CVEs), two of which are rated high severity. CVE-2025-5456, with a Common Vulnerability Scoring System (CVSS) score of 7.5, is a buffer over-read that lets remote, unauthenticated attackers trigger a DoS condition. It affects Ivanti Connect Secure versions prior to 22.7R2.8 or 22.8R2, Policy Secure before 22.7R1.5, ZTA Gateway before 2.8R2.3-723, and Neurons for Secure Access before 22.8R1.4. CVE-2025-5462 is a heap-based buffer overflow with the same CVSS score and the same impact. The two medium-severity issues are CVE-2025-5466, an XML External Entity (XXE) vulnerability that requires administrative privileges to exploit, and CVE-2025-5468, improper symbolic link handling that could lead to local file disclosure.
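To turn the version list above into something actionable, the following is an added Python example (not Ivanti's code, and not part of the original article) that checks an inventory of gateway versions against the fixed versions quoted in the paragraph. It assumes that Ivanti version strings order as major.minor, then the R release number, then patch and build (so 22.7R2.7 < 22.7R2.8 < 22.8R2), and that "prior to 22.7R2.8 or 22.8R2" means each listed version is the patched baseline of its own major.minor branch. The hostnames in the sample inventory are constructed placeholders.

```python
import re
from typing import NamedTuple

# Fixed versions as listed in the advisory summary above. Hostnames in the
# sample inventory further down are constructed placeholders, not real hosts.
FIXED_VERSIONS = {
    "Connect Secure": ["22.7R2.8", "22.8R2"],
    "Policy Secure": ["22.7R1.5"],
    "ZTA Gateway": ["2.8R2.3-723"],
    "Neurons for Secure Access": ["22.8R1.4"],
}

# Assumed version string layout: <major>.<minor>R<release>[.<patch>][-<build>]
# e.g. 22.7R2.8, 22.8R2, 2.8R2.3-723. A missing patch or build counts as 0.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:\.(\d+))?(?:-(\d+))?$")


class Version(NamedTuple):
    major: int
    minor: int
    release: int
    patch: int
    build: int

    @property
    def branch(self):
        # The major.minor pair identifies the release branch (e.g. 22.7 vs 22.8).
        return (self.major, self.minor)


def parse_version(text: str) -> Version:
    """Parse an Ivanti-style version string into a comparable tuple."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return Version(*(int(g) if g else 0 for g in m.groups()))


def is_vulnerable(product: str, version: str) -> bool:
    """True if `version` of `product` is below the advisory's fixed version.

    Assumed interpretation of "prior to 22.7R2.8 or 22.8R2": each listed fix
    is the patched baseline of its own major.minor branch. A branch with no
    listed fix is treated as affected when it is older than the newest fixed
    branch (the conservative choice) and as out of scope when it is newer.
    """
    v = parse_version(version)
    fixed = sorted(parse_version(f) for f in FIXED_VERSIONS[product])
    same_branch = [f for f in fixed if f.branch == v.branch]
    if same_branch:
        return v < min(same_branch)
    return v.branch < fixed[-1].branch


def triage(inventory):
    """Return (host, product, version, vulnerable) for each inventory row."""
    return [(host, product, version, is_vulnerable(product, version))
            for host, product, version in inventory]


# Constructed sample inventory (hostnames are placeholders).
SAMPLE_INVENTORY = [
    ("vpn-1.example.com", "Connect Secure", "22.7R2.7"),   # below 22.7R2.8
    ("vpn-2.example.com", "Connect Secure", "22.8R1"),     # 22.8 branch, below 22.8R2
    ("vpn-3.example.com", "Connect Secure", "22.8R2"),     # patched
    ("nac-1.example.com", "Policy Secure", "22.7R1.5"),    # patched
    ("zta-1.example.com", "ZTA Gateway", "2.8R2.3-700"),   # build below 723
    ("nsa-1.example.com", "Neurons for Secure Access", "22.8R1.3"),  # below 22.8R1.4
]

if __name__ == "__main__":
    for host, product, version, vuln in triage(SAMPLE_INVENTORY):
        status = "VULNERABLE - update" if vuln else "patched"
        print(f"{host:20} {product:26} {version:12} {status}")
```

Replace SAMPLE_INVENTORY with the output of your own asset inventory (the version string is visible on the appliance admin console) and treat the ordering assumptions as exactly that: when a version string does not match the expected shape, the parser raises rather than silently marking the host as patched, and the authoritative affected/fixed table remains Ivanti's advisory.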

Categories: Security Vulnerabilities, Software Updates, Denial-of-Service Attacks 

Tags: Ivanti, Security Updates, Vulnerabilities, Connect Secure, Policy Secure, Zero Trust Access, Denial-of-Service, Buffer Overflow, XML External Entity, Patch Availability 
