Ivanti Products Connect Secure and Policy Secure Hit by Denial-of-Service Vulnerabilities
Ivanti has released security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could lead to denial of service, unauthorized configuration changes, and disclosure of sensitive information.
The company announced today that it is not aware of any customers being exploited via these vulnerabilities at the time of disclosure, but it recommends patching promptly to prevent potential security breaches.
Vulnerability Overview and Impact
Ivanti issued a comprehensive security advisory on July 8, 2025, detailing multiple vulnerabilities affecting both Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products.
The vulnerabilities range from improper access control to a stack-based buffer overflow, with CVSS scores from 4.9 to 6.6; all are rated medium severity.
Among them, CVE-2025-5451 is a stack-based buffer overflow that allows a remote authenticated attacker with administrative privileges to trigger a denial-of-service condition.
Because it requires an existing administrator session, it carries the lowest score of the set (4.9), but it affects core functionality of both products, and a successful trigger disrupts the remote access or network access control that organizations relying on these appliances depend on.
Another significant flaw, CVE-2025-5450, is an improper access control issue in the certificate management component.
It allows a remote authenticated administrator holding only read-only permissions to modify settings that should be restricted to full administrators, undermining the integrity of certificate management.
| CVE Number | Description | CVSS Score |
|---|---|---|
| CVE-2025-5450 | Improper access control in certificate management component (read-only admin can modify restricted settings) | 6.3 (Medium) |
| CVE-2025-5451 | Stack-based buffer overflow causing denial of service (requires authenticated admin) | 4.9 (Medium) |
| CVE-2025-5463 | Sensitive information insertion into log files | 5.5 (Medium) |
| CVE-2025-5464 | Sensitive information insertion into log files (Connect Secure only) | 6.5 (Medium) |
| CVE-2025-0293 | CRLF injection allowing configuration file modification | 6.6 (Medium) |
| CVE-2025-0292 | Server-Side Request Forgery (SSRF) | 5.5 (Medium) |
Affected Products and Remediation
The vulnerabilities impact Ivanti Connect Secure versions 22.7R2.7 and prior, as well as Ivanti Policy Secure versions 22.7R1.4 and prior.
Organizations using these products should immediately upgrade to the patched versions: Connect Secure 22.7R2.8 and Policy Secure 22.7R1.5.
Both updated versions are available through Ivanti’s download portal, requiring authenticated access for customers.
The company states that these patches address all six identified vulnerabilities.
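As an added example (not code from Ivanti or from the advisory), the Python script below parses Ivanti-style version strings such as 22.7R2.7 and flags appliances that are still on an affected build, using the fixed versions quoted above. The product labels "ICS" and "IPS", the function names, and the sample inventory are constructed for illustration; any version that sorts below the fixed version is treated as affected, which is how "and prior" is read here. Anything the parser cannot read is reported as UNKNOWN rather than silently marked safe.

```python
import re

# Fixed versions from the Ivanti advisory of July 8, 2025, as quoted in the text above.
# Anything below these is treated as affected ("22.7R2.7 and prior", "22.7R1.4 and prior").
FIXED_VERSIONS = {
    "ICS": "22.7R2.8",  # Ivanti Connect Secure
    "IPS": "22.7R1.5",  # Ivanti Policy Secure
}

# Ivanti versions look like 22.7R2.7: <major>.<minor>R<release>[.<patch>].
# Any trailing text after the version token (build info, for example) is ignored.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)R(\d+)(?:\.(\d+))?")


def parse_version(text):
    """Return (major, minor, release, patch) for an Ivanti-style version string.

    A missing patch level ('22.7R2') is treated as 0 so that it sorts before
    '22.7R2.1'. Raises ValueError for strings that do not match the format.
    """
    match = _VERSION_RE.match(text)
    if not match:
        raise ValueError(f"unrecognised Ivanti version string: {text!r}")
    major, minor, release, patch = match.groups()
    return (int(major), int(minor), int(release), int(patch or 0))


def is_affected(product, installed):
    """True if `installed` is below the fixed version for `product` ('ICS' or 'IPS')."""
    if product not in FIXED_VERSIONS:
        raise ValueError(f"unknown product {product!r}; expected one of {sorted(FIXED_VERSIONS)}")
    return parse_version(installed) < parse_version(FIXED_VERSIONS[product])


def triage(inventory):
    """Classify each (hostname, product, version) entry as PATCH, OK or UNKNOWN.

    UNKNOWN covers version strings the parser cannot read and products outside
    the two covered by the advisory; those need a manual check.
    """
    results = []
    for hostname, product, version in inventory:
        try:
            status = "PATCH" if is_affected(product, version) else "OK"
        except ValueError:
            status = "UNKNOWN"
        results.append((hostname, product, version, status))
    return results


# Constructed sample inventory: hypothetical hostnames and version strings, not real data.
SAMPLE_INVENTORY = [
    ("vpn-gw-01", "ICS", "22.7R2.7"),                # last affected ICS build
    ("vpn-gw-02", "ICS", "22.7R2.8 (build 1234)"),   # fixed; hypothetical build suffix is ignored
    ("vpn-gw-03", "ICS", "22.6R2.3"),                # older train, still below the fix
    ("nac-01", "IPS", "22.7R1.4"),                   # last affected IPS build
    ("nac-02", "IPS", "22.7R1.5"),                   # fixed
    ("nac-03", "IPS", "unknown"),                    # unparseable, needs a manual check
]

if __name__ == "__main__":
    for hostname, product, version, status in triage(SAMPLE_INVENTORY):
        print(f"{hostname:<12}{product:<5}{version:<24}{status}")
```

The comparison is deliberately strict: a Policy Secure appliance on an older 22.x train is flagged as PATCH even though the advisory names only 22.7R1.4 as the last affected build, since older trains are also "prior" to the fix and have no separate fix listed.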
While no active exploitation has been reported, the combination of an access control bypass and denial-of-service vulnerabilities presents a significant risk to organizations, and all six issues are reachable by an authenticated user, so the appliances' administrative interface and its accounts are the exposure that matters.
System administrators should prioritize patching, review which accounts hold administrator roles on the appliances (including read-only administrator roles, given CVE-2025-5450), confirm that the administrative interface is reachable only from trusted management networks, and, given the two log-file disclosure issues, restrict who can read or export appliance logs.