Cyber Resilience

CVE-2018-0158

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 28 March 2018

Modified: 14 January 2026
KEV Added: 03 March 2022
CVSS Score v3.1: 8.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
EPSS Score: 0.1456 (94.6th percentile)
Risk Priority: 46 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2018-0158 is a high-severity Improper Input Validation (CWE-20) vulnerability in Cisco IOS. Its CVSS base score is 8.6 (High).

Operationally, it ranks in the top 5.4% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

The vulnerability CVE-2018-0158 resides in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software. It is caused by incorrect processing of certain IKEv2 packets and is tracked under Cisco Bug ID CSCvf22394 along with CWEs 20 and 401. Successful triggering of the flaw produces a memory leak that can culminate in a device reload.

An unauthenticated remote attacker can exploit the issue simply by sending crafted IKEv2 packets to an affected device. The resulting continuous memory consumption leads to a denial-of-service condition, consistent with the CVSS 8.6 vector that emphasizes network attack feasibility and high availability impact without any authentication or user interaction.

Cisco Security Advisory cisco-sa-20180328-ike together with the referenced ICS-CERT and security-tracker publications address mitigation steps and software updates for the affected platforms.

Vulnerability details

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.

CWE(s)
KEV Date Added: 03 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

cisco ios: 15.5(3)s1.1, 15.5(3)s1.10, 15.5(3)s1.11, 15.5(3)s1.12, 15.5(3)s1.2
cisco ios xe: 15.5(3)s1.1, 15.5(3)s1.10, 15.5(3)s1.11, 15.5(3)s1.12, 15.5(3)s1.2

Mitigating Controls (NIST 800-53 r5)

prevent: Directly counters the root cause (CWE-20) by validating or rejecting malformed IKEv2 packets before they trigger the memory leak.

prevent: Explicitly requires mechanisms to protect against or limit the impact of DoS conditions caused by crafted network packets.

prevent: Addresses the underlying software flaw (CSCvf22394) through timely patching of the IKEv2 module in IOS/IOS-XE.
