| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-22457 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways products running old versions are susceptible to a stack-based buffer overflow exploit that can lead to remote code execution. The patched versions of each product that remove this vulnerability are as follows: Ivanti Connect Secure (22.7R2.6), Pulse Connect Secure (22.7R2.6), Ivanti Policy Secure (22.7R1.4), and ZTA Gateways (22.8R2.2).
References
|
| CVE-2025-22457 | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways products running old versions are susceptible to a stack-based buffer overflow exploit that can lead to remote code execution. The patched versions of each product that remove this vulnerability are as follows: Ivanti Connect Secure (22.7R2.6), Pulse Connect Secure (22.7R2.6), Ivanti Policy Secure (22.7R1.4), and ZTA Gateways (22.8R2.2).
References
|