cbcvebase.
CVE-2018-0154
published 2018-03-28

CVE-2018-0154: A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated…

PriorityP276high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-03-17
Exploited in the wild
EPSS
7.07%
93.4th percentile
A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traffic by the affected device. An attacker could exploit this vulnerability by sending crafted VPN traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to hang or crash, resulting in a DoS condition. Cisco Bug IDs: CSCvd39267.

Affected

1 ranges
VendorProductVersion rangeFixed in
ciscoios

Detection & IOCsextracted from sources · hover to see the quote

  • Trigger condition is crafted VPN traffic sent to a device running Cisco ISM-VPN on IOS Software; monitor for unexpected device hangs or crashes (DoS) on ISM-VPN-equipped routers following inbound VPN traffic
  • The vulnerability is specific to the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN); focus detection on devices with this module installed running Cisco IOS Software
  • ·No workarounds are available for this vulnerability; the only mitigation is applying Cisco's software updates
  • ·Cisco Bug ID CSCvd39267 tracks this issue; use this identifier when cross-referencing Cisco's advisory and patch tracking systems

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
vulncheck7.5HIGH
cisa7.5HIGH
vendor_cisco8.6HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.