PT-2025-33332 · Cisco · Cisco Secure FTD +4
Jason Crowder · Published 2024-10-10 · Updated 2025-09-16 · CVE-2025-20253
CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Cisco IOS Software (affected versions not specified)
Cisco IOS XE Software (affected versions not specified)
Cisco Secure Firewall ASA Software (affected versions not specified)
Cisco Secure FTD Software (affected versions not specified)
Description:
A flaw exists in the IKEv2 feature that may allow a remote attacker to cause a device to reload, leading to a denial-of-service (DoS) condition. This issue stems from improper handling of IKEv2 packets. An attacker could exploit this by transmitting specially crafted IKEv2 packets to a vulnerable device, potentially triggering an infinite loop that depletes resources and causes a reload.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Infinite Loop
Affected Products
Cisco ASA
Cisco IOS
Cisco IOS XE
Cisco Secure FTD
Cisco Secure Firewall ASA