<ul><li>Ivanti has released a patch for a critical-severity vulnerability in Neurons for ITSM IT service management solution, allowing potential admin rights on target systems.</li><li>The vulnerability (CVE-2025-22462) affects on-prem instances before certain versions and can be exploited by remote unauthenticated actors.</li><li>No evidence of exploitation in the wild has been reported yet, but users are urged to apply the fix as a preventive measure.</li><li>Following Ivanti's security guidance can help reduce the risk of potential attacks, as organizations are advised to secure the IIS website and restrict access to specific IP addresses and domains.</li></ul>

Ivanti Neurons for ITSM could be targeted by authentication bypass flaw, so watch out

Discover more