Vulnerability Details CVE-2025-22462
An authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 with the May 2025 Security Patch allows a remote unauthenticated attacker to gain administrative access to the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.7%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2025-22462
-
cpe:2.3:a:ivanti:neurons_for_itsm:-
-
cpe:2.3:a:ivanti:neurons_for_itsm:2022.1
-
cpe:2.3:a:ivanti:neurons_for_itsm:2022.2
-
cpe:2.3:a:ivanti:neurons_for_itsm:2022.3
-
cpe:2.3:a:ivanti:neurons_for_itsm:2022.4
-
cpe:2.3:a:ivanti:neurons_for_itsm:2023.1
-
cpe:2.3:a:ivanti:neurons_for_itsm:2023.2
-
cpe:2.3:a:ivanti:neurons_for_itsm:2023.3
-
cpe:2.3:a:ivanti:neurons_for_itsm:2023.4
-
cpe:2.3:a:ivanti:neurons_for_itsm:2024.2
-
cpe:2.3:a:ivanti:neurons_for_itsm:2024.3