Pulse Connect Secure is a virtual private network (VPN) solution that allows businesses to secure their data communications. It provides secure, streamlined access to corporate resources and applications from any device.

Ivanti Connect Secure

Ivanti Policy Secure is a cloud-based security solution that offers reliable access control for networks and applications. It ensures consistent enforcement of compliance by automating authentication and compliance checks across enterprise networks. The software combines user profiling, device assessment, and network access policy implementation for comprehensive security control.

Ivanti Policy Secure

Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a local authenticated attacker to read arbitrary files on disk.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-55147	HIGH	8.8	Ivanti Connect Secure	cpe:2.3:a:ivanti:policy_secure	No	Yes	Sep 09, 2025
CVE-2025-55148	HIGH	7.6	Ivanti Connect Secure	cpe:2.3:a:ivanti:connect_secure	No	Yes	Sep 09, 2025
CVE-2025-8712	MEDIUM	5.4	Ivanti Connect Secure	cpe:2.3:a:ivanti:connect_secure	No	Yes	Sep 09, 2025
CVE-2025-8711	MEDIUM	5.4	Ivanti Connect Secure	cpe:2.3:a:ivanti:connect_secure	No	Yes	Sep 09, 2025
CVE-2025-55146	MEDIUM	4.9	Ivanti Connect Secure	cpe:2.3:a:ivanti:connect_secure	No	Yes	Sep 09, 2025

CVE-2025-5468:
Ivanti Connect Secure vulnerability analysis and mitigation

5.5

Related Ivanti Connect Secure vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-5468: Ivanti Connect Secure vulnerability analysis and mitigation