CVE-2025-22457

Ivanti Connect Secure, Policy Secure, and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code execution. Vendor/Product: Ivanti Connect Secure, Policy Secure, and ZTA Gateways. Added to CISA KEV 2025-04-04; required action: Apply mitigations as set forth in the CISA instructions linked below.