{"id":2080,"date":"2025-04-28T19:32:01","date_gmt":"2025-04-28T19:32:01","guid":{"rendered":"http:\/\/localhost\/?p=2080"},"modified":"2025-04-28T19:32:01","modified_gmt":"2025-04-28T19:32:01","slug":"march-security-advisory-ivanti-secure-access-client-isac-cve-2025-22454","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=2080","title":{"rendered":"March Security Advisory Ivanti Secure Access Client (ISAC) (CVE-2025-22454)"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nMarch Security Advisory Ivanti Secure Access Client (ISAC) (CVE-2025-22454)<\/td>\n<\/tr>\n
Type<\/th>\nivanti<\/td>\n<\/tr>\n
Published<\/th>\n2025-11-03T13:52:58<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-28T23:49:48<\/td>\n<\/tr>\n
CVSS Score<\/th>\n7.8 (HIGH)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nLOCAL<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nLOW<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nUNCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Availability Impact<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2025-22454<\/td>\n<\/tr>\n
CWE<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\nsoftware<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n **Summary**<\/p>\n

Ivanti has released updates for Ivanti Secure Access Client (ISAC) which addresses one high severity vulnerability. Successful exploitation could lead to privilege escalation.<\/p>\n

We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure.<\/p>\n

**Vulnerability Details:**<\/p>\n

**CVE Number**| **Description**| **CVSS Score (Severity)**| **CVSS Vector**| **CWE**| **Impacted Product(s)**
\n—|—|—|—|—|—
\nCVE-2025-22454| Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | 7.8 (High)| CVSS:3.0\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H| CWE-732| Secure Access Client (Windows only) <\/p>\n

**Affected Versions**<\/p>\n

**Product Name**| **Affected Version(s)**| **Affected CPE(s)**| **Resolved Version(s)**| **Patch Availability**
\n—|—|—|—|—
\nIvanti Secure Access Client (ISAC)| 22.7R3 and prior| cpe:2.3:a:ivanti:secure_access_client:22.7:r3:*:*:*:*:*:*| 22.7R4 22.8R1| Download Portal https:\/\/portal.ivanti.com\/ <\/p>\n

**Solution**<\/p>\n

The resolved versions of the product can be accessed in the download portal (Login Required):<\/p>\n

* Ivanti Secure Access Client 22.7R4
\n * Ivanti Secure Access Client 22.8R1<\/p>\n

**Acknowledgements**<\/p>\n

Ivanti would like to thank the following for reporting the relevant issues and for working with Ivanti to help protect our customers:<\/p>\n

* Naor Hodorov of Hackerone<\/p>\n

_Note: Ivanti is dedicated to ensuring the security and integrity of our enterprise software products. We recognize the vital role that security researchers, ethical hackers, and the broader security community play in identifying and reporting vulnerabilities. Visit_ _HERE_ _to learn more about our Vulnerability Disclosure Policy._<\/p>\n

**FAQ**<\/p>\n

1. **Are you aware of any active exploitation of these vulnerabilities?**<\/p>\n

We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program. <\/p>\n

2. **How can I tell if I have been compromised?**
\nCurrently, there is no known public exploitation of this vulnerability that could be used to provide a list of indicators of compromise.
\n 3. **What should I do if I need help?**<\/p>\n

**** If you have questions after reviewing this information, you can log a case and\/or request a call via the** Success Portal**<\/p><\/div>\n<\/p><\/div>\n

\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n7.8<\/td>\n<\/tr>\n
Severity<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n