KEV Entry

CVE-2025-22457

Known Exploited Vulnerability Entry External Catalog

Back to Catalog View Vulnerability

Entry Details

Confirmed Exploited

Vulnerability ID

CVE-2025-22457

Status Updated At

2026-04-08 00:00 UTC

Timestamps

First Seen At

2026-04-08

Asserted At

2026-04-08

Scope

Notes

Affected: Ivanti / Ivanti Connect Secure | Description: Evidence of active exploitation in the wild against ICS 9.X (end of life) and 22.7R2.5 and earlier versions since April 2025. | Threat actors: unknown | Origin source: cnw

References

{'id': 'CVE-2025-22457', 'url': 'https://www.cve.org/CVERecord?id=CVE-2025-22457'}
{'id': 'EUVD-2025-9646', 'url': 'https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-9646'}

Entry UUID

6dd50d49-9a6e-4a69-a343-aeacf95bb49a

Catalog Origin UUID

cce329bf-df49-4c6e-a027-80be2e6483bd

Created

2026-06-05 17:01 UTC

Last Updated

2026-06-05 17:01 UTC

Evidence

Type Source Signal Confidence Details GCVE Metadata

Type	Source	Signal	Confidence	Details	GCVE Metadata
csirt_report	enisa-cnw-kev	successful_exploitation	0.75	View details `{ "catalog": "ENISA / EU CSIRTs Network (CNW) KEV JSON", "cwes": "-", "dateReported": "2026/04/08", "euvd": "EUVD-2025-9646", "exploitationType": "-", "notes": "-", "originSource": "cnw", "product": "Ivanti Connect Secure", "threatActorsExploiting": "unknown", "vendorProject": "Ivanti", "vulnerabilityName": "-" }`	-

csirt_report

enisa-cnw-kev

successful_exploitation

0.75

View details

{
  "catalog": "ENISA / EU CSIRTs Network (CNW) KEV JSON",
  "cwes": "-",
  "dateReported": "2026/04/08",
  "euvd": "EUVD-2025-9646",
  "exploitationType": "-",
  "notes": "-",
  "originSource": "cnw",
  "product": "Ivanti Connect Secure",
  "threatActorsExploiting": "unknown",
  "vendorProject": "Ivanti",
  "vulnerabilityName": "-"
}

Export Options

JSON Object JSON API View Full Catalog