CVE-2025-22460
HIGHDescription
Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges.
Is your site exposed to CVE-2025-22460?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ivanti | cloud_services_appliance |
References
Frequently Asked Questions
What is CVE-2025-22460? +
How severe is CVE-2025-22460? +
What products are affected by CVE-2025-22460? +
How do I check if I'm vulnerable to CVE-2025-22460? +
Related Vulnerabilities
A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical …
NetBird VPN when installed using vendor's provided script failed to remove or change default password of an admin account created …
If misconfigured, alpitronic Hypercharger EV charging devices can expose a web interface protected by authentication. If the default credentials are …
Longse NVR (Network Video Recorder) model NVR3608PGE2W, as well as products based on this device, create a WiFi network with …
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, might …
Legacy Vivotek Device firmware uses default credetials for the root and user login accounts.