What the vulnerability does

01Description

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.

Key dates

02Disclosure timeline

March 14, 2024 CVE published
August 1, 2024 Record updated