February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS)...

February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs)

April 25, 2025 invoker category_cve

Vulnerability Details

Basic Information

Title	February Security Advisory Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) (Multiple CVEs)
Type	ivanti
Published	2025-11-02T15:01:15
Last Seen	2025-04-25T23:45:12
CVSS Score	9.9 (CRITICAL)

CVSS v3 Details

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	LOW
User Interaction	NONE
Scope	CHANGED
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Availability Impact	HIGH

CVE Information

CVE IDs	CVE-2024-10644, CVE-2024-12058, CVE-2024-13813, CVE-2024-13830, CVE-2024-13842, CVE-2024-13843, CVE-2024-38657, CVE-2025-22467
CWE
Bulletin Family	software

Description

Summary Ivanti has released updates for Ivanti Connect Secure (ICS),Ivanti Policy Secure (IPS) and Ivanti Secure Access Client (ISAC) which addresses medium, high and critical severity vulnerabilities. We are not aware of any customers being exploited…

Impact Assessment

Base Score	9.9
Severity	CRITICAL

View full CVE details