CVE-2025-0282 |
Description: Ivanti released security updates to address vulnerabilities (CVE-2025-0282, CVE-2025-0283) in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. A cyber threat actor could exploit CVE-2025-0282 to take control of an affected system.CISA has added CVE-2025-0282 to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CISA urges organizations to hunt for any malicious activity, report any positive findings to CISA, and review the following for more information:
Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283)
For all instances of Ivanti Connect Secure, Policy Secure, and ZTA Gateways, see the following steps for general hunting guidance:
Conduct threat hunting actions:
Run the In-Build Integrity Checker Tool (ICT). Instructions can be found here.
Conduct threat hunt actions on any systems connected to—or recently connected to—the affected Ivanti device.
If threat hunting actions determine no compromise:
Factory reset the device and apply the patch described in Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283).
Monitor the authentication or identity management services that could be exposed.
Continue to audit privilege level access accounts.
If threat hunting actions determine compromise:
Report to CISA and Ivanti immediately to start forensic investigation and in...
CVSS: CRITICAL (9.0) EPSS Score: 15.33%
January 8th, 2025 (6 months ago)
|
CVE-2025-0282 |
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-0282 Ivanti Connect Secure Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
CISA urges organizations to apply mitigations as set forth in the CISA instructions linked below to include conducting hunt activities, taking remediation actions if applicable, and applying updates prior to returning a device to service
Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-0282, CVE-2025-0283)
CISA Mitigation Instructions for CVE-2025-0282
Organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at [email protected] or (888) 282-0870. When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment used for the activity; the name of the submitting company or organization; and a designated point of contact.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch...
CVSS: CRITICAL (9.0) EPSS Score: 15.33%
January 8th, 2025 (6 months ago)
|
CVE-2024-53995 |
Description: SickChill is an automatic video library manager for TV shows. A user-controlled login endpoint's next_ parameter takes arbitrary content. Prior to commit c7128a8946c3701df95c285810eb75b2de18bf82, an authenticated attacker may use this to redirect the user to arbitrary destinations, leading to open redirect. Commit c7128a8946c3701df95c285810eb75b2de18bf82 changes the login page to redirect to settings.DEFAULT_PAGE instead of to the next parameter.
References
https://nvd.nist.gov/vuln/detail/CVE-2024-53995
https://github.com/SickChill/sickchill/pull/8811
https://github.com/SickChill/sickchill/commit/c7128a8946c3701df95c285810eb75b2de18bf82
https://github.com/SickChill/sickchill/blob/846adafdfab579281353ea08a27bbb813f9a9872/sickchill/views/authentication.py#L33
https://securitylab.github.com/advisories/GHSL-2024-283_GHSL-2024-291_sickchill_sickchill
https://github.com/advisories/GHSA-6gf2-ffq8-gcww
CVSS: LOW (1.9) EPSS Score: 0.05%
January 8th, 2025 (6 months ago)
|
CVE-2025-0282 |
Description: Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.
CVSS: CRITICAL (9.0) EPSS Score: 15.33%
January 8th, 2025 (6 months ago)
|
![]() |
Description: A Threat Actor is Allegedly Selling Unauthorized Access to a Manufacturing Company in Greece
January 8th, 2025 (6 months ago)
|
![]() |
Description: A Threat Actor Claims to be Selling Source Code for an ELF Crypter
January 8th, 2025 (6 months ago)
|
![]() |
January 8th, 2025 (6 months ago)
|
![]() |
Description: The voluntary program is intended to boost consumer confidence in vulnerable IoT devices, but experts want to see vendors held to a higher standard.
January 8th, 2025 (6 months ago)
|
![]() |
Description: Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal credit-card data from 8,500 fans.
January 8th, 2025 (6 months ago)
|
![]() |
January 8th, 2025 (6 months ago)
|