Overview
The vulnerability, identified as CVE-2025-5456, presents a significant threat to users of several Ivanti software products. It involves a buffer over-read weakness that could potentially lead to a system compromise or data leakage. The vulnerability affects a wide range of Ivanti products and versions and poses a substantial risk due to its high CVSS severity score of 7.5.
Vulnerability Summary
CVE ID: CVE-2025-5456
Severity: High – CVSS 7.5
Attack Vector: Network
Privileges Required: None
User Interaction: None
Impact: Potential system compromise, data leakage, and denial of service
Affected Products
Product | Affected Versions
Ivanti Connect Secure | Before 22.7R2.8 or 22.8R2
Ivanti Policy Secure | Before 22.7R1.5
Ivanti ZTA Gateway | Before 2.8R2.3-723
Ivanti Neurons for Secure Access | Before 22.8R1.4
How the Exploit Works
The CVE-2025-5456 vulnerability exploits a buffer over-read weakness in the Ivanti software. A buffer over-read occurs when more data is read than should be allowed, causing a system to crash or become unstable. In this case, an unauthenticated attacker could remotely trigger a denial of service, compromising the system and potentially leading to data leakage.
Conceptual Example Code
Here is a
conceptual
example of how this vulnerability might be exploited:
GET /vulnerable/data HTTP/1.1
Host: target.example.com
Range: bytes=0-99999999
HTTP/1.1 206 Partial Content
Content-Range: bytes 0-99999999/100000000
Content-Length: 100000000
{ "malicious_payload": "..." }
In this example, the attacker requests more data than the server should allow, leading to a buffer over-read and triggering a denial of service.
