VDB
CVE-2021-40125
CVE-2021-40125
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.
EPSS 0.33% · 56.4th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.33%
56.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software | n/a |
| cisco | asa_5525-x_firmware | * |
| cisco | asa_5512-x_firmware | 009.016\(001.025\) |
| cisco | firepower_threat_defense | 6.6.0, 0, 7.0.0 |
| cisco | asa_5505_firmware | 009.016\(001.025\) |
| cisco | asa_5580_firmware | 009.016\(001.025\) |
| cisco | asa_5555-x_firmware | * |
| cisco | asa_5515-x_firmware | 009.016\(001.025\) |
| cisco | asa_5545-x_firmware | 009.016\(001.025\) |
| cisco | adaptive_security_appliance_software | 9.16.0, 9.15.0, 9.14.0 |
| cisco | asa_5585-x_firmware | * |
Exploit Intelligence
Timeline
- Oct 27, 2021 CVE Published
- Oct 28, 2021 EPSS Score
- Dec 23, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 14, 2022 EPSS Score
- Jun 9, 2022 EPSS Score
- Aug 5, 2022 EPSS Score
- Sep 30, 2022 EPSS Score
- Nov 25, 2022 EPSS Score
- Jan 20, 2023 EPSS Score