Ivanti has issued fixes for a severe authentication bypass flaw (CVE-2025-22462) in its Neurons for ITSM platform that could let unauthenticated attackers gain admin access, depending on system configuration.
The vulnerability affects on-premises versions up to 2024.3, though Ivanti states there's no evidence of active exploitation. Organizations that followed prior security recommendations—such as limiting IP/domain access or using a DMZ for external logins—face reduced risk.
Ivanti also urged patching a separate issue (CVE-2025-22460) involving default credentials in its Cloud Services Appliance (CSA), warning that the fix may not be applied correctly when upgrading from an earlier CSA version.
Admins are advised to either reinstall CSA or follow mitigation steps to secure their systems.
This follows a string of critical flaws previously exploited in Ivanti products, including zero-days linked to Chinese espionage groups.