Cisco IOS XR Software IKEv2 Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software. The vulnerability is due to improper handling of malformed IKEv2 packets. An unauthenticated, remote attacker could exploit it by sending malformed IKEv2 packets to an affected device. A successful exploit causes the device to stop processing all control plane UDP packets, not only IKEv2 traffic, resulting in a denial-of-service condition.

Impact

A successful exploit causes the affected device to stop processing all control plane UDP packets, leading to a denial-of-service condition.

Remediation

Cisco has released software updates to address this vulnerability. Customers with service contracts should obtain these updates through their usual channels. For platforms or releases not covered by a service contract, contact the Cisco Technical Assistance Center (TAC) for assistance.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

Category        Score
spread          4.5
impact          2.5
exploitability  7.0
remediation     7.7
relevance       0.0
threat          0.0
urgency         2.9
incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.