¡¾Îó²îͨ¸æ¡¿Ivanti¶à¿î²úÆ·»º³åÇøÒç³öÎó²î(CVE-2025-0282)

Ðû²¼Ê±¼ä 2025-01-14

Ò»¡¢Îó²î¸ÅÊö

Îó²îÃû³Æ

Ivanti¶à¿î²úÆ·»º³åÇøÒç³öÎó²î

CVE   ID

CVE-2025-0282

Îó²îÀàÐÍ

»º³åÇøÒç³ö

·¢Ã÷ʱ¼ä

2025-01-14

Îó²îÆÀ·Ö

9.0

Îó²îÆ·¼¶

ÑÏÖØ

¹¥»÷ÏòÁ¿

ÍøÂç

ËùÐèȨÏÞ

µÍ

ʹÓÃÄѶÈ

¸ß

Óû§½»»¥

ÎÞ

PoC/EXP

δ¹ûÕæ

ÔÚҰʹÓÃ

ÒÑ·¢Ã÷


Ivanti Connect Secure£¨Ç°³Æ Pulse Connect Secure£©ÊÇ Ivanti ÌṩµÄÆóÒµ¼¶ SSL VPN ½â¾ö¼Æ»®£¬£¬£¬£¬£¬£¬Ö¼ÔÚΪԶ³ÌÓû§ÌṩÇå¾²µÄÍøÂç»á¼û¡£¡£¡£¡£¡£Í¨¹ý¼ÓÃÜͨµÀ°ü¹ÜÊý¾ÝÇå¾²£¬£¬£¬£¬£¬£¬Ö§³ÖÉí·ÝÑéÖ¤ºÍ»á¼û¿ØÖÆ£¬£¬£¬£¬£¬£¬ÊÊÓÃÓÚÔ¶³Ì°ì¹«¡¢ÏàÖúͬ°é»á¼ûºÍ·ÖÖ§»ú¹¹ÅþÁ¬µÈ¸ßÇå¾²ÐÔ³¡¾°¡£¡£¡£¡£¡£


2025Äê1ÔÂ14ÈÕ£¬£¬£¬£¬£¬£¬c7c7ÓéÀÖƽ̨¼¯ÍÅVSRC¼à²âµ½Ivanti¹Ù·½Ðû²¼Á˸üУ¬£¬£¬£¬£¬£¬ÐÞ¸´ÁËIvanti Connect Secure¡¢Policy SecureºÍZTA GatewaysÖеÄÁ½¸ö»º³åÇøÒç³öÎó²î£ºCVE-2025-0282ºÍCVE-2025-0283¡£¡£¡£¡£¡£ÆäÖУ¬£¬£¬£¬£¬£¬CVE-2025-0282Îó²î±»ÆÀ¶¨ÎªÑÏÖØ£¬£¬£¬£¬£¬£¬CVSSÆÀ·ÖΪ9.0·Ö£»£»£»£»£»£»CVE-2025-0283Îó²îÔò±»ÆÀ¶¨Îª¸ßΣ£¬£¬£¬£¬£¬£¬CVSSÆÀ·ÖΪ7.0·Ö¡£¡£¡£¡£¡£


CVE-2025-0282£ºÔ¶³Ìδ¾­ÈÏÖ¤µÄ¹¥»÷Õß¿Éͨ¹ý´ËÎó²îʵÏÖÔ¶³Ì´úÂëÖ´ÐУ¬£¬£¬£¬£¬£¬CVE-2025-0283£ºÍâµØÒÑÈÏÖ¤¹¥»÷Õß¿ÉʹÓôËÎó²îÌáÉýȨÏÞ¡£¡£¡£¡£¡£


¶þ¡¢Ó°Ïì¹æÄ£


22.7R2 <= Ivanti Connect Secure <= 22.7R2.4
22.7R1 <= Ivanti Policy Secure <= 22.7R1.2

22.7R2 <= Ivanti Neurons for ZTA <= 22.7R2.3


Èý¡¢Çå¾²²½·¥


3.1 Éý¼¶°æ±¾


ÏÖÔÚ¸ÃÎó²îÒѾ­ÐÞ¸´£¬£¬£¬£¬£¬£¬ÊÜÓ°ÏìÓû§¿ÉÉý¼¶µ½ÒÔÏ°汾£º
Ivanti Connect Secure >= 22.7R2.5
Ivanti Neurons for ZTA gateways >= 22.7R2.5£¨Ivanti Policy Secure ¡¢ZTA gateways²¹¶¡Ô¤¼ÆÓÚ1ÔÂ21ÈÕÐû²¼£©


ÏÂÔØÁ´½Ó£º

https://portal.ivanti.com/


3.2 ÔÝʱ²½·¥


ÈôIvanti Connect SecureµÄICTɨÃèЧ¹ûÕý³££¬£¬£¬£¬£¬£¬¿ÉÔÚÉý¼¶µ½22.7R2.5Ç°»Ö¸´³ö³§ÉèÖ㻣»£»£»£»£»Èô·¢Ã÷Íþв£¬£¬£¬£¬£¬£¬ÐèÖ´Ðлָ´³ö³§ÉèÖᣡ£¡£¡£¡£Ivanti Policy SecureºÍZTA Gateways½«ÔÚ1ÔÂ21ÈÕÐû²¼ÐÞ¸´£¬£¬£¬£¬£¬£¬Óû§Ó¦È·±£×°±¸²»Ì»Â¶ÓÚ»¥ÁªÍø¡£¡£¡£¡£¡£


3.3 ͨÓý¨Òé


? °´ÆÚ¸üÐÂϵͳ²¹¶¡£¬£¬£¬£¬£¬£¬ïÔ̭ϵͳÎó²î£¬£¬£¬£¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£¡£¡£

ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ£¬£¬£¬£¬£¬£¬Ð޸ķÀ»ðǽսÂÔ£¬£¬£¬£¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ£¬£¬£¬£¬£¬£¬ïÔÌ­½«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø£¬£¬£¬£¬£¬£¬ïÔÌ­¹¥»÷Ãæ¡£¡£¡£¡£¡£

ʹÓÃÆóÒµ¼¶Çå¾²²úÆ·£¬£¬£¬£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£¡£¡£

ÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬£¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖƺÍ×îСȨÏÞÔ­Ôò£¬£¬£¬£¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£¡£¡£

ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£¡£¡£


3.4 ²Î¿¼Á´½Ó


https://www.tenable.com/blog/cve-2025-0282-ivanti-connect-secure-zero-day-vulnerability-exploited-in-the-wild
https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day/
https://www.cisa.gov/cisa-mitigation-instructions-cve-2025-0282
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US