Ivanti recently repaired a critical gravity failure in the VPN Connection Safe
Mandiant says that the error is being used in nature by Chinese actors
Two new malware strains were discovered
Ivanti has recently paved a vulnerability of critical gravity found in its VPN Connect Secure (ICS) appliances that was supposedly abused in nature by actors sponsored by the Chinese state.
Mandiant researchers published a new security notice indicating that Ivanti discovered and set a buffer overflow vulnerability in ICS 9.x (without support) and 22.7R2.5 and previous versions. Vulnerability is tracked as CVE-2025-22457, and has a gravity score of 9.0/10 (critical).
