CVE-2024-20474

Summary

A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software. Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Client4.9.00086affected
CiscoCisco Secure Client4.9.01095affected
CiscoCisco Secure Client4.9.02028affected
CiscoCisco Secure Client4.9.03047affected
CiscoCisco Secure Client4.9.03049affected
CiscoCisco Secure Client4.9.04043affected
CiscoCisco Secure Client4.9.04053affected
CiscoCisco Secure Client4.9.05042affected
CiscoCisco Secure Client4.9.06037affected
CiscoCisco Secure Client4.10.00093affected
CiscoCisco Secure Client4.10.01075affected
CiscoCisco Secure Client4.10.02086affected
CiscoCisco Secure Client4.10.03104affected
CiscoCisco Secure Client4.10.04065affected
CiscoCisco Secure Client4.10.04071affected
CiscoCisco Secure Client4.10.05085affected
CiscoCisco Secure Client4.10.05095affected
CiscoCisco Secure Client4.10.05111affected
CiscoCisco Secure Client4.10.06079affected
CiscoCisco Secure Client4.10.06090affected
CiscoCisco Secure Client4.10.07061affected
CiscoCisco Secure Client4.10.07062affected
CiscoCisco Secure Client4.10.07073affected
CiscoCisco Secure Client4.10.08025affected
CiscoCisco Secure Client4.10.08029affected
CiscoCisco Secure Client5.0.00238affected
CiscoCisco Secure Client5.0.00529affected
CiscoCisco Secure Client5.0.00556affected
CiscoCisco Secure Client5.0.01242affected
CiscoCisco Secure Client5.0.02075affected
CiscoCisco Secure Client5.0.03072affected
CiscoCisco Secure Client5.0.03076affected
CiscoCisco Secure Client5.0.04032affected
CiscoCisco Secure Client5.0.05040affected
CiscoCisco Secure Client5.1.0.136affected
CiscoCisco Secure Client5.1.1.42affected
CiscoCisco Secure Client5.1.2.42affected
CiscoCisco Secure Client5.1.3.62affected

Weaknesses

  • CWE-191: Integer Underflow (Wrap or Wraparound)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References