Shodan
Vulnerabilities
Vulnerable Software
Ivanti:  Security Vulnerabilities
CVE-2025-0282
Known exploited
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.
CVSS Score
9.0
EPSS Score
1.0
Published
2025-01-08
CVE-2025-0283
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a local authenticated attacker to escalate their privileges.
CVSS Score
7.0
EPSS Score
0.171
Published
2025-01-08
CVE-2024-37401
An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.014
Published
2024-12-12
CVE-2024-37377
A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.017
Published
2024-12-12
CVE-2024-8496
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-12-11
CVE-2024-9845
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-12-11
CVE-2024-10251
Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-12-11
CVE-2024-11597
Under specific circumstances, insecure permissions in Ivanti Performance Manager before version 2024.3 HF1, 2024.1 HF1, or 2023.3 HF1 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-12-11
CVE-2024-11598
Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-12-11
CVE-2024-7572
Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated attacker to delete arbitrary files.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-12-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved