Ivanti security advisory (AV25-184)

Serial number: AV25-184
Date: April 3, 2025

On April 3, 2025, Ivanti published a security advisory to address a vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in multiple products. Included was a critical update for the following:

• Ivanti Connect Secure – version 22.7R2.5 and prior
• Pulse Connect Secure (EoS) – version 9.1R18.9 and prior
• Ivanti Policy Secure – version 22.7R1.3 and prior
• ZTA Gateways – version 22.8R2 and prior

Ivanti has indicated that CVE-2025-22457 may have been exploited.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457)
• Ivanti Security Advisories