【Vulnerability Alert】 Ivanti ITSM has a critical security vulnerability (CVE-2025-22462)

• Subject: 【Vulnerability Alert】 Ivanti ITSM has a critical security vulnerability (CVE-2025-22462)
• Description:
  • Forwarded by Taiwan Computer Network Crisis Handling and Coordination Center TWCERTCC-200-202505-00000014
  • ITSM is a reliable and powerful IT service management solution under Ivanti, which helps organizations improve service efficiency, ensure IT operations compliance and security. Recently, a critical security announcement was issued for Ivanti Neurons for ITSM (on-premises only). This vulnerability (CVE-2025-22462, CVSS: 9.8) allows unauthenticated remote attackers to gain system administrative access.
• Affected Platforms:
  • Versions 2023.4, 2024.2, 2024.3
• Recommended Actions:
  • Follow the solutions released on the official website to patch the vulnerability
• Reference:
  • https://www.twcert.org.tw/tw/cp-169-10125-44994-1.html

Network System Division
Computer and Communication Center9