Hackers are actively targeting deployments of some Ivanti Inc. software products using a newly discovered security vulnerability. The company disclosed the exploit, which is tracked as CVE-2025 ...

The critical-severity vulnerability (tracked at CVE-2025-0282) can enable attackers to remotely execute code without authentication, Ivanti said in an advisory. It has received a severity rating o ...

Ivanti's EPMM was previously known as MobileIron Core. The newly discovered zero-day, identified as CVE-2023-35081 and with a CVSS score of 7.8, affects several supported versions, namely 11.10 ...

Ivanti uncovers two security vulnerabilities, including one critical-severity One of the flaws was being abused as a zero-day by a Chinese threat actor Researchers uncovered never-before-seen ...

IT security software company Ivanti has released security patches to fix four critical vulnerabilities affecting its Connect Secure and Policy Secure gateways. The flaws (CVE-2024-21894 ...

and CVE-2024-21888. Cybersecurity researcher Yutaka Sejiyam scanned the internet through Shodan and found, at the time of going to press, that there were more than 13,600 Ivanti servers still ...

Ivanti Connect Secure is the only product known to be impacted by active exploitation of the new zero-day, but CVE-2025-0282 also affects Ivanti Policy Secure and Ivanti Neurons for ZTA gateways.

According to Ivanti's security release, the critical vulnerabilities (CVE-2024-10811, CVE-2024-13161, CVE-2024-13160, CVE-2024-13159; CVSS 9.8) are all the path traversal type and allow ...

Security supplier Ivanti has once again found itself at the centre of an expanding series of breaches after it emerged that two freshly disclosed vulnerabilities in a number of its products are ...

In a security advisory, Ivanti said that it uncovered two vulnerabilities recently - CVE-2025-0282 and CVE-2025-0283, both of which are impacting Ivanti Connect Secure VPN appliances. The former ...

Ivanti did not say how many devices were compromised via CVE-2025-0282 exploits or remain unpatched. “The facts as we know them remain consistent with our Jan. 8 disclosure. We encourage ...