Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.

### Description ### Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.

### Description ###
Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.

### Description ###
VDB

GCVE-110-CERTCC-2018-857035

GCVE-110-CERTCC-2018-857035
Advisory PublishedCVSS 8.8/10
Vulnetix · Advisory published August 14, 2018
### Overview ### <p><font color="#333333">Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.</font></p> ### Description ### <table border="0" cellpadding="0" cellspacing="0" class="wrapper-table"><tr><td><p><font color="#333333">The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. (</font>CVE-2018-5389<font color="#2F2F2F">)</font></p><p><font color="#333333">It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode however, only an online attack against PSK authentication was thought to be feasible.</font></p></td></tr></table> ### Impact ### <table border="0" cellpadding="0" cellspacing="0" class="wrapper-table"><tr><td><p>An attacker may be able to recover a weak Pre-Shared Key.</p></td></tr></table> ### Solution ### <table border="0" cellpadding="0" cellspacing="0" class="wrapper-table"><tr><td><p><b><font color="#333333">Use Secure Passwords</font></b><br/><font color="#333333">Use cryptographically secure PSK values that resist brute force or dictionary attacks.</font></p></td></tr></table> As mentioned in USENIX '18 presentation > To counter these attacks, both entry points must be closed: Only high entropy PSKs should be used, and both PKE and RPKE modes should be deactivated in all IKE devices. It is not sufficient to configure key sep- aration on the sender side. All receivers must also be informed about this key separation – novel solutions are required to achieve this task. ### Acknowledgements ### <p>Thanks to Martin Grothe, Joerg Schwenk, and Dennis Felsch for reporting this vulnerability.</p><p>This document was written by Trent Novelly.</p>

Risk Scores

CVSS 2.0
8.8/10
High · AV:N/AC:M/Au:N/C:C/I:C/A:N
certcc-cam
certcc-cam
impact0population0exploitation0widely_known0score_current0ease_of_exploitation0
certcc-vrda
certcc-vrda
d1_direct_report1
certcc-cvss-temporal-env
certcc-cvss-temporal-env
temporal_score7.9remediation_levelUreport_confidence--environmental_score7.89511617216target_distributionNDenvironmental_vectorCDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

Browse GCVE Records

72,921 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›