GCVE - cpe:2.3:a:ivanti:policy_secure:*:-:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ivanti:policy_secure:*:-:*:*:*:*:*:*

part: a version: * update: -

Vendor	Ivanti (`40b984ad-e54c-5e1b-9aa1-2a4cd4d61129`)
Product	Policy Secure (`ea81dc7e-0eae-5967-b180-2ec37247da5c`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-22457`	vulnerable	2026-06-03 14:59:39.995555	Details available CRITICAL (9) A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. Published: 2025-04-03T15:20:23.628Z Updated: 2026-02-26T18:28:57.480Z Open on db.gcve.eu Reference links https://forums.ivanti.com/s/article/April-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-22457	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-39709`	vulnerable	2026-06-03 14:56:22.263072	Details available HIGH (7.8) Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges. Published: 2024-11-13T01:54:45.448Z Updated: 2024-11-23T21:06:04.916Z Open on db.gcve.eu Reference links https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-10644`	vulnerable	2026-06-03 14:54:12.246162	Details available CRITICAL (9.1) Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Published: 2025-02-11T15:20:46.680Z Updated: 2026-02-26T19:09:17.981Z Open on db.gcve.eu Reference links https://forums.ivanti.com/s/article/February-Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-and-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.