CVE-2025-55142
Published: 09 September 2025
Summary
CVE-2025-55142 is a high-severity Missing Authorization (CWE-862) vulnerability in Ivanti Connect Secure. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 13.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Enforces approved authorizations, directly preventing read-only admins from configuring authentication settings.
Applies least privilege to ensure read-only admin accounts cannot modify sensitive authentication configurations.
Restricts access to mechanisms for changing system configurations, such as authentication settings, beyond read-only privileges.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Missing authorization (CWE-862) allows low-privileged authenticated admin to modify auth settings, directly enabling privilege escalation (T1068) and modification of authentication mechanisms (T1556).
NVD Description
Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote authenticated attacker with read-only admin…
more
privileges to configure authentication related settings.
Deeper analysisAI
CVE-2025-55142 is a missing authorization vulnerability (CWE-862) present in Ivanti Connect Secure prior to version 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723, and Ivanti Neurons for Secure Access before 22.8R1.4. This flaw stems from inadequate access controls, enabling unauthorized modifications to certain components. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.
A remote authenticated attacker with read-only admin privileges can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation allows the attacker to configure authentication-related settings, which could enable further privilege escalation, bypass security controls, or disrupt access mechanisms, leading to high-impact outcomes across the affected systems.
Ivanti's September Security Advisory, available at https://forums.ivanti.com/s/article/September-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-and-Neurons-for-Secure-Access-Multiple-CVEs?language=en_US, details the vulnerability and recommends upgrading to the fixed versions listed above. For Ivanti Neurons for Secure Access, a fix was deployed on August 2, 2025. Security practitioners should prioritize patching these gateways to mitigate the risk.
Details
- CWE(s)