Critical Security Updates: Ivanti Patches Flaws in Connect Secure, Policy Secure, and Cloud Services Application
February 12, 2025
Security Flaws Addressed by Ivanti
Ivanti has released security updates to address multiple security flaws in Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution.
List of Vulnerabilities:
- CVE-2024-38657: External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to write arbitrary files.
- CVE-2025-22467: A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution.
- CVE-2024-10644: Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
- CVE-2024-47908: Operating system command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
Patched Versions:
- Ivanti Connect Secure 22.7R2.6
- Ivanti Policy Secure 22.7R1.3
- Ivanti CSA 5.0.5
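The fixed-in versions differ per CVE, so an appliance can be past some of these flaws and still exposed to others. The following inventory check is an added example, not Ivanti's code or tooling: the product labels, hostnames and installed versions are constructed, and it assumes version strings compare component by component in the format shown above.

```python
import re

# Fixed-in versions as listed in the advisory text above; product keys are labels chosen here.
FIXED_IN = {
    "CVE-2024-38657": {"ICS": "22.7R2.4", "IPS": "22.7R1.3"},
    "CVE-2025-22467": {"ICS": "22.7R2.6"},
    "CVE-2024-10644": {"ICS": "22.7R2.4", "IPS": "22.7R1.3"},
    "CVE-2024-47908": {"CSA": "5.0.5"},
}

_VERSION_RE = re.compile(r"^\d+(?:\.\d+)*(?:R\d+(?:\.\d+)*)?$")

def parse_version(text):
    """Turn '22.7R2.6' or '5.0.5' into a comparable tuple of ints."""
    if not _VERSION_RE.match(text):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(n) for n in re.findall(r"\d+", text))

def open_cves(product, installed):
    """Return the advisory CVEs whose fixed-in version is newer than `installed`."""
    have = parse_version(installed)
    return sorted(
        cve for cve, fixes in FIXED_IN.items()
        if product in fixes and have < parse_version(fixes[product])
    )

def audit(inventory):
    """Map each host to its open CVEs; unparseable versions are flagged, not skipped."""
    report = {}
    for host, product, version in inventory:
        try:
            report[host] = open_cves(product, version)
        except ValueError:
            report[host] = ["UNKNOWN-VERSION"]
    return report

# Constructed sample inventory (hostnames and installed versions are made up).
SAMPLE_INVENTORY = [
    ("vpn-edge-1", "ICS", "22.7R2.3"),
    ("vpn-edge-2", "ICS", "22.7R2.5"),
    ("nac-1", "IPS", "22.7R1.3"),
    ("csa-1", "CSA", "5.0.4"),
    ("vpn-lab", "ICS", "unknown"),
]

if __name__ == "__main__":
    for host, cves in audit(SAMPLE_INVENTORY).items():
        print(host, cves or "patched for this advisory")
```

A Connect Secure appliance on 22.7R2.5 clears the two admin-only flaws but still reports CVE-2025-22467, which is why the patched version for ICS is 22.7R2.6 and not 22.7R2.4.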
Relevant Threats and Recent Security Research
Malicious actors have been targeting Ivanti appliances in recent attacks. We recommend applying the latest patches to keep your systems secure.
The recent disclosure of vulnerabilities in SonicWall SonicOS and Fortinet FortiOS underscores the importance of staying up to date and vigilant.