What the vulnerability does

01Description

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a specially crafted IKEv2 payload.

Key dates

02Disclosure timeline

January 9, 2025 CVE published
January 9, 2025 Record updated