CVE-2025-0282 and CVE-2025-0283: Critical Ivanti 0days Exploited in the Wild

Critical zero-day vulnerabilities, specifically CVE-2025-0282 and CVE-2025-0283, are actively being exploited in the wild within Ivanti Connect Secure appliances. CVE-2025-0282 represents a critical Remote Code Execution (RCE) flaw, allowing attackers to execute arbitrary commands on vulnerable systems. The active exploitation status indicates an immediate threat to organizational security perimeters relying on these identity and access management solutions. Successful exploitation could lead to full system compromise, data exfiltration, and lateral movement within affected networks. No specific threat actors or malware families are identified in this report, suggesting broad opportunistic or targeted exploitation. Immediate mitigation requires applying vendor patches urgently. Security teams should prioritize asset inventory to identify exposed Ivanti instances and monitor network traffic for suspicious activity associated with these vulnerabilities. Delayed remediation significantly increases the risk of compromise given the critical severity and active wild exploitation status reported.

Detect and mitigate CVE-2025-0282, a critical RCE vulnerability in Ivanti Connect Secure and CVE-2025-0283, exploited as 0day vulnerabilities in the wild. Organizations should patch urgently.

Critical zero-day vulnerabilities, specifically CVE-2025-0282 and CVE-2025-0283, are actively being exploited in the wild within Ivanti Connect Secure appliances. CVE-2025-0282 represents a critical Remote Code Execution (RCE) flaw, allowing attackers to execute arbitrary commands on vulnerable systems. The active exploitation status indicates an immediate threat to organizational security perimeters relying on these identity and access management solutions. Successful exploitation could lead to full system compromise, data exfiltration, and lateral movement within affected networks. No specific threat actors or malware families are identified in this report, suggesting broad opportunistic or targeted exploitation. Immediate mitigation requires applying vendor patches urgently. Security teams should prioritize asset inventory to identify exposed Ivanti instances and monitor network traffic for suspicious activity associated with these vulnerabilities. Delayed remediation significantly increases the risk of compromise given the critical severity and active wild exploitation status reported. Detect and mitigate CVE-2025-0282, a critical RCE vulnerability in Ivanti Connect Secure and CVE-2025-0283, exploited as 0day vulnerabilities in the wild. Organizations should patch urgently. Detect and mitigate CVE-2025-0282, a critical RCE vulnerability in Ivanti Connect Secure and CVE-2025-0283, exploited as 0day vulnerabilities in the wild. Organizations should patch urgently.