By: RedLegg's Cyber Threat Intelligence Team
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation action.
VULNERABILITIES:
Ivanti Neurons for ITSM Authentication Bypass
CVSS Score: 9.8 (Critical)
Identifier: CVE-2025-22462
Exploit or Proof of Concept (PoC): No public exploit available at this time.
Update: CVE-2025-22462 – Ivanti Security Advisory
Description: CVE-2025-22462 is a critical authentication bypass vulnerability in Ivanti Neurons for ITSM, an IT service management solution. The flaw allows unauthenticated attackers to gain administrative access to unpatched systems through low-complexity attacks, depending on system configuration. This vulnerability affects on-premises instances running versions 2023.4, 2024.2, and 2024.3. Ivanti has released security updates to address this issue and recommends that customers apply the patches immediately. Organizations that have followed Ivanti's guidance on securing the IIS website and have restricted access to a limited number of IP addresses and domain names face reduced risk in their environment.
Mitigation Recommendation: Administrators are strongly advised to apply the May 2025 security patches provided by Ivanti for versions 2023.4, 2024.2, and 2024.3. If immediate patching is not feasible, it is recommended to restrict access to the IIS website to a limited number of IP addresses and domain names, and ensure that the solution is configured with a DMZ for users logging in from outside the company network.
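As an added illustration of the interim access restriction described above (not part of Ivanti's advisory or this bulletin), the following IIS "IP and Domain Restrictions" fragment denies every client except an allowlisted internal range and one named admin host; the site path, subnet, and host name are placeholders to be replaced with your own values.

```xml
<!-- Added example: IIS ipSecurity allowlist for the on-premises ITSM site.
     Place it in applicationHost.config inside a <location> for the site
     (the ipSecurity section is locked at server level by default, so a
     site-level web.config change is rejected unless the section is unlocked).
     Requires the "IP and Domain Restrictions" role service to be installed.
     Weak shipped default for comparison: <ipSecurity allowUnlisted="true" />
     with no entries, which admits any client that can reach the site. -->
<location path="ITSM-SITE-NAME-PLACEHOLDER">
  <system.webServer>
    <security>
      <!-- allowUnlisted="false": deny by default; denyAction="NotFound"
           returns 404 rather than 403 so the site does not confirm it exists -->
      <ipSecurity allowUnlisted="false" enableReverseDns="true" denyAction="NotFound">
        <!-- placeholder RFC 1918 range for the internal admin network -->
        <add ipAddress="10.0.0.0" subnetMask="255.255.255.0" allowed="true" />
        <!-- placeholder host name, matched by reverse DNS because enableReverseDns is on -->
        <add domainName="admin-jump.example.internal" allowed="true" />
      </ipSecurity>
    </security>
  </system.webServer>
</location>
```

After applying it, confirm from an address outside the allowlist that the site returns the deny response, and review the IIS logs for repeated denied requests as an early signal of scanning against the host.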
Note: Given the critical nature of this vulnerability, prompt action is essential to secure affected systems. Regularly reviewing and applying security updates is vital to maintaining the integrity and security of your infrastructure.