FlagThis

Ivanti has released critical security updates for Connect Secure (ICS), Policy Secure (IPS), and Secure Access Client (ISAC) to address multiple vulnerabilities. These include three critical severity problems that could allow remote code execution (RCE), posing a significant risk. The updates aim to patch flaws such as external control of a file name (CVE-2024-38657) and a stack-based buffer overflow (CVE-2025-22467), which can be exploited by authenticated attackers to execute arbitrary code and compromise system integrity.

The specific vulnerabilities addressed include CVE-2024-38657, which allows remote authenticated attackers with admin privileges to write arbitrary files, and CVE-2025-22467, a stack-based buffer overflow that enables remote code execution. Also patched is CVE-2024-10644 which is a code injection vulnerability, and CVE-2024-47908, an operating system command injection flaw in the admin web console of Ivanti CSA. Users are urged to update to the latest versions, Ivanti Connect Secure 22.7R2.6, Ivanti Policy Secure 22.7R1.3, and Ivanti CSA 5.0.5, as soon as possible to mitigate potential exploitation. While Ivanti is not aware of active exploitation, it's imperative to apply the patches due to the history of Ivanti appliances being weaponized.

ImgSrc: blogger.googleu

References :

• Vulnerability-Lookup: Security advisory for Ivanti Connect Secure, Policy Secure, and Secure Access Client (multiple CVEs).
• securityonline.info: Ivanti has disclosed multiple vulnerabilities affecting its Connect Secure, Policy Secure, and Secure Access Client products, with some The post appeared first on .
• The Hacker News: Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now
• BleepingComputer: Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical severity problems.
• securityonline.info: CVE-2025-22467 (CVSS 9.9): Ivanti Connect Secure Vulnerability Allows Remote Code Execution
• www.bleepingcomputer.com: Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical severity problems.
• vulnerability.circl.lu: February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs), has been published on Vulnerability-Lookup
• research.kudelskisecurity.com: Ivanti ICS, IPS, ISAC, CSA: Multiple Vulnerabilities Disclosed and Patched
• bsky.app: Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical severity problems.
• socradar.io: Ivanti Security Update Addresses Severe Vulnerabilities in ICS, IPS, and ISAC (CVE-2025-22467, CVE-2024-38657, CVE-2024-10644)
• research.kudelskisecurity.com: Ivanti ICS, IPS, ISAC, CSA: Multiple Vulnerabilities Disclosed and Patched
• BleepingComputer: Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including three critical severity problems

Classification:

• HashTags: #Ivanti #PatchNow #RCE
• Company: Ivanti
• Target: Ivanti Users
• Product: Connect Secure
• Feature: Security Patches
• Type: ProductUpdate
• Severity: Critical