

Affected Environment
Ivanti Neurons for ITSM, in both on-premises and cloud deployments, versions 2025.3 and earlier are affected. Cloud instances were patched by Ivanti in Dec 2025.
Threat Overview
Two flaws, both requiring authentication, may allow disabled users to retain access, and may allow stored cross-site scripting (XSS) that, with user interaction, reads limited data from other users' sessions.
Exposure Timeline
Ivanti fixed cloud systems on 12 Dec 2025 and released 2025.4 for on-premises deployments. The report was issued 14 Apr 2026; no active exploitation is reported.
Attack Surface
Exposure exists where Ivanti Neurons for ITSM 2025.3 or earlier remains in use. Risk increases where users have broader access or weak privilege controls.
Technical Root Cause
One flaw stems from improper protection of an alternate access path, bypassing account disablement. The other is stored XSS in the application interface.
Exploitation Pathway
An authenticated attacker could use the alternate path to keep access after disablement, or inject stored XSS that, when triggered, reads limited session data.
Operational Impact
If unpatched, access might persist for disabled users and some data from other sessions may be exposed, undermining access revocation and data controls.
Strategic Impact
Unrevoked access and session data leakage can weaken trust in identity controls and governance, with heightened risk for larger public and private entities.
Required Mitigation
Upgrade all affected Ivanti ITSM instances to 2025.4 after testing. Strengthen vulnerability management, least privilege, segmentation, and exploit protection.
Incident Response Guidance
Verify current Ivanti versions, validate that disablement works, and scan for these issues. If compromise is suspected, investigate accounts and sessions, then remediate.
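One way to carry out the "validate that disablement works" and "investigate accounts and sessions" steps is to cross-reference account disablement times against authentication and session activity and flag anything that occurs after an account was disabled. The script below is an added example, not Ivanti's code; the log format, field names and sample accounts are constructed assumptions, not Ivanti's actual export schema.

```python
"""Flag activity by accounts that occurs at or after their disablement time.

Added example for the incident-response guidance above. The event format
(timestamp user action channel) and the sample data are constructed, not
taken from Ivanti Neurons for ITSM exports.
"""
from datetime import datetime, timezone

# Constructed sample: account -> UTC time the account was disabled.
DISABLED_ACCOUNTS = {
    "jdoe": "2025-12-01T09:00:00Z",
    "contractor7": "2025-12-10T17:30:00Z",
}

# Constructed sample session events: timestamp, user, action, channel.
# "channel" records which access path was used (web UI, REST API, mobile),
# so activity over a secondary path after disablement stands out.
SESSION_EVENTS = """\
2025-11-30T08:15:00Z jdoe login web
2025-12-02T10:05:00Z jdoe api_token_use rest
2025-12-09T12:00:00Z contractor7 login web
2025-12-11T08:45:00Z contractor7 login mobile
2025-12-11T09:00:00Z asmith login web
"""


def parse_ts(value):
    """Parse an ISO-8601 UTC timestamp with a trailing 'Z'."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def find_post_disablement_activity(events, disabled):
    """Return (timestamp, user, action, channel) tuples for every event by a
    disabled account at or after its disablement time. Events by accounts
    not in `disabled`, or before disablement, are ignored."""
    cutoffs = {user: parse_ts(ts) for user, ts in disabled.items()}
    findings = []
    for line in events.splitlines():
        if not line.strip():
            continue
        ts, user, action, channel = line.split()
        cutoff = cutoffs.get(user)
        if cutoff is not None and parse_ts(ts) >= cutoff:
            findings.append((ts, user, action, channel))
    return findings


if __name__ == "__main__":
    for finding in find_post_disablement_activity(SESSION_EVENTS, DISABLED_ACCOUNTS):
        print("POST-DISABLEMENT ACTIVITY:", *finding)
```

Any hit is a disablement failure to investigate: confirm the account is actually disabled in the ITSM instance, then review what the session did and terminate it.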
References
Use Ivanti’s advisory for version and fix details, and official CVE entries for these flaws. Align internal actions with documented safeguards and testing practices.