CVE-2018-0158
CVE-2018-0158
In short
A flaw in Cisco IOS and IOS XE's IKEv2 module allows attackers to crash or freeze devices by sending specially crafted packets, disrupting network services.
Technical detail
The vulnerability exists in IKEv2 packet processing due to improper input validation (CWE-20). An unauthenticated remote attacker can trigger a memory leak or device reload by transmitting malformed IKEv2 packets, resulting in denial of service. The affected device continuously consumes memory until failure.
Summary generated and translated by AI from the official description.
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Affected products
n/a · Cisco IOS and IOS XEWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ikehttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0158http://www.securityfocus.com/bid/103566http://www.securitytracker.com/id/1040595