CVE-2023-33086

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 4, 2024
Updated: Jan 10, 2025
CWE ID 401

Summary

CVE-2023-33086 is a newly identified transient Denial of Service (DoS) vulnerability that affects the processing of multiple IKEV2 Informational Requests from IPSEC servers. This issue arises when the device encounters requests with different identifiers, leading to an overload and potential crashing of the system. Attackers can exploit this vulnerability by sending a large number of such requests, causing a temporary disruption of service. This vulnerability poses a significant risk to organizations that rely on IPSEC for secure communication, as it can result in service interruptions and potential data loss. Organizations are advised to apply patches or updates as soon as they become available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share