| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-0282 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | exploitation_technique | T1595 | Active Scanning |
Comments
This vulnerability in Ivanti products is version-specific, requiring any reconaissance efforts to return the exact version before exploiting. If exploited, attackers may gain the ability to execute arbitrary code and harvest credentials from the compromised device. Additionally, they may perform internal reconaissance to find additional devices on the network to compromise.
References
|
| CVE-2025-0282 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
This vulnerability in Ivanti products is version-specific, requiring any reconaissance efforts to return the exact version before exploiting. If exploited, attackers may gain the ability to execute arbitrary code and harvest credentials from the compromised device. Additionally, they may perform internal reconaissance to find additional devices on the network to compromise.
References
|
| CVE-2025-0282 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | primary_impact | T1055 | Process Injection |
Comments
This vulnerability in Ivanti products is version-specific, requiring any reconaissance efforts to return the exact version before exploiting. If exploited, attackers may gain the ability to execute arbitrary code and harvest credentials from the compromised device. Additionally, they may perform internal reconaissance to find additional devices on the network to compromise.
References
|
| CVE-2025-0282 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | primary_impact | T1003 | OS Credential Dumping |
Comments
This vulnerability in Ivanti products is version-specific, requiring any reconaissance efforts to return the exact version before exploiting. If exploited, attackers may gain the ability to execute arbitrary code and harvest credentials from the compromised device. Additionally, they may perform internal reconaissance to find additional devices on the network to compromise.
References
|
| CVE-2025-0282 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | secondary_impact | T1046 | Network Service Discovery |
Comments
This vulnerability in Ivanti products is version-specific, requiring any reconaissance efforts to return the exact version before exploiting. If exploited, attackers may gain the ability to execute arbitrary code and harvest credentials from the compromised device. Additionally, they may perform internal reconaissance to find additional devices on the network to compromise.
References
|
| CVE-2025-0282 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | secondary_impact | T1018 | Remote System Discovery |
Comments
This vulnerability in Ivanti products is version-specific, requiring any reconaissance efforts to return the exact version before exploiting. If exploited, attackers may gain the ability to execute arbitrary code and harvest credentials from the compromised device. Additionally, they may perform internal reconaissance to find additional devices on the network to compromise.
References
|