Chinese Hackers Exploit Misdiagnosed RCE in Ivanti VPN Appliances

Ivanti has misdiagnosed a remote code execution vulnerability (CVE-2025-22457) in its VPN appliances. Mandiant reports that Chinese hackers, identified as UNC5221, are exploiting this flaw in the wild. This vulnerability affects Ivanti Connect Secure products, formerly known as Pulse Connect Secure. The attacks exploit this flaw to compromise targeted networks.