Critical Ivanti Flaw Actively Exploited in the Wild

Ivanti has disclosed a critical vulnerability patched in its Connect Secure product, which is being actively exploited in the wild. This flaw, referenced under CVE-2025-22457 with a CVSS score of 9.0, is a stack-based buffer overflow that could allow arbitrary code execution on affected systems. Attackers are using this vulnerability to deploy the TRAILBLAZE and BRUSHFIRE malware.