Hackers are exploiting a new Ivanti VPN security bug to hack into company networks

Ivanti's VPN faces a zero-day vulnerability exploited by hackers, prompting urgent patch releases.

Ivanti's enterprise VPN is compromised by a zero-day vulnerability, identified as CVE-2025-0282, which allowed hackers to infiltrate company networks. The issue was identified by the Ivanti Integrity Checker Tool, and incident response firm Mandiant linked potential exploits to China-linked groups. While patches are available for some products, others are delayed until January 21, and another vulnerability, CVE-2025-0283, remains unexploited.

Ivanti has reported a zero-day vulnerability, CVE-2025-0282, in its Connect Secure VPN, which hackers have already exploited to infiltrate customer networks. The vulnerability was discovered by the Ivanti Integrity Checker Tool and further investigated by Mandiant and Microsoft researchers, who suspect a possible link to China-backed cyberespionage groups.

A patch for Connect Secure is currently available, while patches for other affected products, Policy Secure and ZTA Gateways, are expected by January 21. A second vulnerability, CVE-2025-0283, has also been discovered but not yet exploited, heightening concerns over the security of Ivanti's products.

Ben Harris of watchTowr Labs warned of the widespread impact of this flaw, and both the U.K.'s National Cyber Security Centre and the U.S. CISA are actively investigating the exploitation. Due to its potential use by advanced persistent threat actors, experts emphasize the critical need for organizations to address this vulnerability.