CVE-2025-20182

CWE-787Out-of-bounds Write4 documents4 sources
Severity
8.6HIGH
EPSS
0.3%
top 47.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Cisco Cisco Adaptive Security Appliance (asa) SoftwareCisco Cisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance Software+1 more
Timeline
PublishedMay 7

Description

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when processing IKEv2 messages. An attacker could exploit this vulnerability by sending crafted

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages4 packages

NVDcisco/firepower_threat_defense86 versions+85

🔴Vulnerability Details

2
GHSA
GHSA-gv7m-f47c-w86q: A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepowe2025-05-07
CVEList
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software and IOS XE Software IKEv2 Denial of Service Vulnerability2025-05-07

📋Vendor Advisories

1
Cisco
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 Denial of Service Vulnerability2025-05-07
CVE-2025-20182 (HIGH CVSS 8.6) | A vulnerability in the Internet Key | cvebase.io