Notices where this attachment appears
-
Embed this notice
The Shadowserver Foundation (shadowserver@infosec.exchange)'s status on Monday, 13-Jan-2025 22:23:33 JST 
The Shadowserver Foundation
We have started reporting unpatched Ivanti Connect Secure instances likely vulnerable to the new known to be exploited in the wild CVE-2025-0282.
We see 2048 likely vulnerable instances worldwide on 2025-01-09. Top: US
Dashboard overview by country: https://dashboard.shadowserver.org/statistics/combined/tree/?day=2025-01-09&source=exchange&source=exchange6&source=http_vulnerable&source=http_vulnerable6&tag=cve-2025-0282%2B&geo=all&data_set=count&scale=log
Vulnerable IP data is shared daily for your network/constituency in our https://shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/ tagged 'cve-2025-0282'
If you receive an alert from us, make sure to follow @cisacyber mitigation instructions: https://cisa.gov/cisa-mitigation-instructions-cve-2025-0282
Ivanti patch info: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283?language=en_US
Thank you to @watchtowrcyber for the insights and collaboration!
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.