Two recently disclosed vulnerabilities in Ivanti products, CVE-2025-0282 and CVE-2025-0283, are reportedly being exploited by China-backed threat actors, raising cybersecurity concerns.
The NCSC is working to fully understand the UK impact and is investigating cases of active exploitation affecting UK networks, highlighting the wide-reaching implications of these vulnerabilities.
An Ivanti spokesperson emphasized the importance of continuously monitoring internal and external ICT as part of a comprehensive approach to cybersecurity to maintain network integrity.
While patches are now available for CVE-2025-0282 in Connect Secure, vulnerabilities in Policy Secure and Neurons for ZTA remain unpatched, delaying essential protections.
Collection
[
|
...
]