Ivanti is warning customers that a critical vulnerability that impacts its VPN appliances and other products has already been exploited in the wild by a Chinese APT group. The flaw was originally flagged by Ivanti as a denial-of-service issue, but attackers figured out how to exploit it for remote code execution.
The vulnerability, now tracked as CVE-2025-22457 with a severity score of 9.0 (Critical) on the CVSS scale, was exploited to deploy two new malware programs on Ivanti Connect Secure appliances versions 22.7R2.5 and earlier and Pulse Connect Secure 9.1x appliances that had reached end-of-support in December.
Continue reading on CSO.
Source:: Network World