Unrated severityCISA KEVNVD Advisory· Published Mar 28, 2018· Updated Jan 12, 2026

CVE-2018-0158

Description

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/103566mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1040595mitrevdb-entryx_refsource_SECTRACK
ics-cert.us-cert.gov/advisories/ICSA-18-107-03mitrex_refsource_MISC
ics-cert.us-cert.gov/advisories/ICSA-18-107-04mitrex_refsource_MISC
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ikemitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.012
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000