Ivanti Cloud Services Application Vulnerability Leads to Privilege Escalation

Posted on May 13, 2025 | May 14, 2025 By CWS

Ivanti has disclosed a high-severity security vulnerability affecting its Cloud Services Application (CSA) that could allow attackers to escalate privileges on vulnerable systems. The flaw, tracked as CVE-2025-22460, was announced on May 13, 2025, as part of Ivanti’s ongoing security update program.

According to the company’s security advisory, the vulnerability is caused by default credentials present in Ivanti Cloud Services Application versions 5.0.4 and earlier.

Successful exploitation could allow a local authenticated attacker to gain elevated privileges on affected systems, potentially leading to complete system compromise.

The vulnerability has been assigned a CVSS score of 7.8 (High) with a vector of CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating significant impact on confidentiality, integrity, and availability if exploited.

Cloud Services Application Vulnerability

“This vulnerability represents a critical danger for organizations using Ivanti CSA in their environments,” said Mark Thompson, cybersecurity analyst at Digital Fortress. “Privilege escalation flaws usually function as essential stepping stones in broader assault chains.”

Ivanti has released version 5.0.5 to address the vulnerability, available through the company’s download portal. However, the company issued an important caveat regarding the patch implementation.

“It has been recognized that if a Cloud Services Application installation is upgraded to version 5.0.5, this repair shouldn’t be routinely utilized as meant,” the advisory states.

This implementation issue means customers must perform a fresh installation or follow specific mitigation steps provided by Ivanti to properly secure their systems.

The company noted that it is not aware of any active exploitation of this vulnerability in the wild before disclosure. Fraser Hess of Pinnacol Assurance reported the flaw through Ivanti’s responsible disclosure program.

This disclosure comes amid a series of security challenges for Ivanti. Earlier this year, the company patched several critical vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateway products.

The CSA is an Internet appliance that provides secure communication and functionality over the Internet for Ivanti’s Endpoint Manager product line.

Security experts recommend that organizations using affected versions prioritize this update, particularly given the implementation issues with the patch.

Organizations should also review their security logs for any signs of suspicious activity that might indicate earlier exploitation attempts.
