CVE-2024-20426

HIGH EPSS 41.4%
Published Oct 23, 20241y ago · Modified Jun 17, 20262w ago
8.6 CVSS 3.1
High
Find Similar
Published Oct 23, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

CVSS Details

Base Score
8.6
Exploitability
3.9
Impact
4.0
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Changed
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
41.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 54

VendorProductVersionRange
ciscoadaptive_security_appliance_software9.18.1any
ciscoadaptive_security_appliance_software9.18.1.3any
ciscoadaptive_security_appliance_software9.18.2any
ciscoadaptive_security_appliance_software9.18.2.5any
ciscoadaptive_security_appliance_software9.18.2.7any
ciscoadaptive_security_appliance_software9.18.2.8any
ciscoadaptive_security_appliance_software9.18.3any
ciscoadaptive_security_appliance_software9.18.3.39any
ciscoadaptive_security_appliance_software9.18.3.46any
ciscoadaptive_security_appliance_software9.18.3.53any
ciscoadaptive_security_appliance_software9.18.3.55any
ciscoadaptive_security_appliance_software9.18.3.56any
ciscoadaptive_security_appliance_software9.18.4any
ciscoadaptive_security_appliance_software9.18.4.5any
ciscoadaptive_security_appliance_software9.18.4.8any
ciscoadaptive_security_appliance_software9.18.4.22any
ciscoadaptive_security_appliance_software9.18.4.24any
ciscoadaptive_security_appliance_software9.18.4.29any
ciscoadaptive_security_appliance_software9.19.1any
ciscoadaptive_security_appliance_software9.19.1.5any
ciscoadaptive_security_appliance_software9.19.1.9any
ciscoadaptive_security_appliance_software9.19.1.12any
ciscoadaptive_security_appliance_software9.19.1.18any
ciscoadaptive_security_appliance_software9.19.1.22any
ciscoadaptive_security_appliance_software9.19.1.24any
ciscoadaptive_security_appliance_software9.19.1.27any
ciscoadaptive_security_appliance_software9.19.1.28any
ciscoadaptive_security_appliance_software9.19.1.31any
ciscoadaptive_security_appliance_software9.20.1any
ciscoadaptive_security_appliance_software9.20.1.5any
ciscoadaptive_security_appliance_software9.20.2any
ciscoadaptive_security_appliance_software9.20.2.10any
ciscoadaptive_security_appliance_software9.20.2.21any
ciscofirepower_threat_defense_software7.2.0any
ciscofirepower_threat_defense_software7.2.0.1any
ciscofirepower_threat_defense_software7.2.1any
ciscofirepower_threat_defense_software7.2.2any
ciscofirepower_threat_defense_software7.2.3any
ciscofirepower_threat_defense_software7.2.4any
ciscofirepower_threat_defense_software7.2.4.1any
ciscofirepower_threat_defense_software7.2.5any
ciscofirepower_threat_defense_software7.2.5.1any
ciscofirepower_threat_defense_software7.2.5.2any
ciscofirepower_threat_defense_software7.2.6any
ciscofirepower_threat_defense_software7.2.7any
ciscofirepower_threat_defense_software7.2.8any
ciscofirepower_threat_defense_software7.2.8.1any
ciscofirepower_threat_defense_software7.3.0any
ciscofirepower_threat_defense_software7.3.1any
ciscofirepower_threat_defense_software7.3.1.1any
ciscofirepower_threat_defense_software7.3.1.2any
ciscofirepower_threat_defense_software7.4.0any
ciscofirepower_threat_defense_software7.4.1any
ciscofirepower_threat_defense_software7.4.1.1any

References 1

  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-9FgEyHsF
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.