CVE-2021-40125

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description The issue is related to the Internet Key Exchange Version 2 (IKEv2) implementation, which is affected by improper control of a resource, potentially allowing an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.