Security Update: Pulse Connect Secure, Ivanti Connect Secure, Policy Secure and Neurons for ZTA Gateways
Summary
** The following has been updated to make clear the vulnerability was fully patched in Ivanti Connect Secure 22.7R2.6 (released February 11, 2025). At Ivanti, our mission is to empower customers to defend their environments in an evolving and increasingly sophisticated threat landscape.
CISA Known Exploited Vulnerability
- Listed:
- Apr 4, 2025 · federal remediation due Apr 11, 2025
- Required action:
- Apply mitigations as set forth in the CISA instructions linked below.
- Ransomware use:
- Known
KEV is a prioritization signal from CISA — remediation detail still comes from the vendor advisory.
Mitigation
Mitigation steps weren't captured by the parser for this advisory — this is a parsing gap, not a statement that no fix exists. Read the vendor advisory below for the authoritative guidance.
Official advisory · medium-confidence parse· fetched 5 days ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.