New assessment for topic: CVE-2025-22457
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/0ybGQIkHzR/cve-2025-22457/rapid7-analysis) and developing a [PoC exploit script](https://github.com/sfewer-r7/CVE-2025-22457), I am rating the `Attacker Value` for this vulnerability as `Very High`, as Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways are high-profile targets for state-sponsored threat actors and have been regularly exploited in the wild in the past (including this vulnerability CVE-2025-22457) ..."
Link:
https://attackerkb.com/assessments/fa985251-6adb-46fd-b1c6-9a84dbffb823