Remediation: Organizations are urged to immediately update their Ivanti Connect Secure appliances to version 22.7R2.6 released in February or later to address CVE-2025-22457. Customers should also use the external version of the Integrity Checker Tool and look for web server crashes.”If your ICT result shows signs of compromise, you should perform a factory reset on the appliance and then put the appliance back into production using version 22.7R2.6,” Ivanti said in its advisory.”To supplement this, defenders should actively monitor for core dumps related to the web process, investigate ICT statedump files, and conduct anomaly detection of client TLS certificates presented to the appliance,” the Mandiant researchers said.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3954735/ivanti-warns-customers-of-new-critical-flaw-exploited-in-the-wild.html
