The Vulnerability in Detail
Ivanti has disclosed a high-severity security flaw in its Neurons for ITSM platform. The vulnerability allows an attacker who already holds valid but low-privileged credentials to escalate those privileges and obtain full administrative control of the affected instance. The root cause is improper access control: a remote, authenticated user can trigger the weakness over the network with no user interaction required. The impact is significant, because full admin access over the IT service management environment compromises the confidentiality, integrity, and availability of everything it manages, including tickets, assets, workflows, and integrations with other systems.
Affected Systems and Patch Guidance
The vulnerability affects on-premises versions of the platform up to and including 2025.4. Ivanti has released fixes, with 2025.4 Patch 1 as the primary remediation; backported fixes are also available as 2025.3 Patch 1 and 2025.2 Patch 1. For cloud customers, Ivanti has already applied the fixes across all cloud environments, with patches deployed on May 24 and 25. Organizations running on-premises deployments are strongly urged to obtain the update through the Ivanti License System portal and install it immediately. Because the flaw requires only a low-privileged account, administrators should also review and, where possible, reduce the number of active low-level accounts and enforce strong authentication on them until the patch is applied.
Current Risk Assessment
At the time of disclosure, Ivanti stated that it was not aware of any exploitation in the wild. However, because the flaw is straightforward to trigger (network-reachable, authenticated, no user interaction) and the impact is full administrative control, the company issued an out-of-band security advisory to accelerate patching. Administrators should treat this as a priority: an attacker who compromises or phishes a single low-privileged account could use the flaw to take over the entire ITSM system, create additional administrative accounts or other backdoors, and read or manipulate sensitive data and configurations. After patching, reviewing the ITSM audit logs for unexpected role or permission changes and newly created administrator accounts is a reasonable check that no one exploited the window before the update.
Source: Cyber Security News