- Description
- An authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 with the May 2025 Security Patch allows a remote unauthenticated attacker to gain administrative access to the system.
- Source
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
- CWE-288
- Hype score
- Not currently trending
Ivanti has issued patches for a critical CVE-2025-22462 vulnerability in Neurons for ITSM, enabling unauthenticated admin access. Proper configuration and timely updates are crucial, especially for on-premises setups. 🛡️ #ITSecurity #France https://t.co/0t6e8f7SsS
@TweetThreatNews
14 May 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: A Critical Authentication Bypass vulnerability in #Ivanti Neurons for ITSM leads to Remote Unauthenticated Administrative Access. #CVE-2025-22462 CVSS(3.0): 9.8. Read our advisory https://t.co/2QAeBTYZHn and #Patch #Patch #Patch
@CCBalert
14 May 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ivanti Neurons for ITSMに関する認証バイパス脆弱性 CVE-2025-22462 CVSS9.8 既にパッチがリリースされています。 緩和策 IISの保護設定:アクセス元のIPアドレスやドメインを制限 DMZ経由での構成:社外ネットワークから
@t_nihonmatsu
14 May 2025
87 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-22462 An authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 with the May 2025 Security Patch allows a remote unauthenticated a… https://t.co/gYVtovvX11
@CVEnew
13 May 2025
154 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes