Tech

Ivanti patches serious Connect Secure flaw

Share
Share


  • Ivanti recently patched a critical severity flaw in Connect Secure VPN
  • Mandiant says the bug is being used in the wild by Chinese actors
  • Two new malware strains were discovered

Ivanti has recently patched a critical severity vulnerability found in its Connect Secure (ICS) VPN appliances which was allegedly being abused in the wild by Chinese state-sponsored actors.

Researchers at Mandiant published a new security advisory stating Ivanti discovered and fixed a buffer overflow vulnerability in ICS 9.X (unsupported) and 22.7R2.5 and earlier versions. The vulnerability is tracked as CVE-2025-22457, and carries a severity score of 9.0/10 (critical).

Share

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *