CVE-2025-0293: 
Ivanti Connect Secure vulnerability analysis and mitigation

A CLRF injection vulnerability was identified in Ivanti Connect Secure prior to version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5. The vulnerability was disclosed on July 8, 2025, and was assigned the identifier CVE-2025-0293. This security flaw affects the configuration file system of both Ivanti Connect Secure and Ivanti Policy Secure products (NVD, CVE).

The vulnerability is classified as CWE-93 (Improper Neutralization of CRLF Sequences). It received a CVSS v3.1 base score of 6.6 (MEDIUM) from Ivanti with a vector string of CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L, while NIST assigned a lower score of 2.7 (LOW) with a vector string of CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N (NVD).

The vulnerability allows a remote authenticated attacker with administrative privileges to write to protected configuration files on the system disk. This could potentially lead to unauthorized modification of system configurations (NVD).

Users are advised to upgrade Ivanti Connect Secure to version 22.7R2.8 or later, and Ivanti Policy Secure to version 22.7R1.5 or later to address this vulnerability (NVD).