Tag
strongSwan 5.9.13 Denial-of-Service Vulnerability (CVE-2026-35333)
2 rules 1 TTPA denial-of-service vulnerability exists in strongSwan version 5.9.13 due to a flaw in the eap-radius plugin when built with DAE enabled, allowing remote attackers to exhaust worker threads by sending a crafted RADIUS Access-Request (CVE-2026-35333).
strongSwan 5.9.13 libsimaka EAP-SIM/AKA Heap Buffer Overflow Vulnerability
2 rules 1 TTPA remote exploit is available for strongSwan 5.9.13 exploiting a heap buffer overflow in the libsimaka EAP-SIM/AKA module (CVE-2026-35330), enabling pre-authentication exploitation via a malformed EAP-SIM/AKA payload.
strongSwan eap-mschapv2 Plugin Vulnerability
2 rules 2 TTPsA remote, anonymous attacker can exploit a vulnerability in strongSwan's eap-mschapv2 plugin to cause a denial of service condition or possibly execute arbitrary code.
Multiple Vulnerabilities in strongSwan Enable Denial of Service and Code Execution
2 rules 2 TTPsA remote, anonymous attacker can exploit multiple vulnerabilities in strongSwan to conduct a denial-of-service attack or potentially achieve arbitrary code execution.
strongSwan EAP-TTLS AVP Integer Underflow Vulnerability (CVE-2026-25075)
2 rules 1 TTPAn integer underflow vulnerability in strongSwan's EAP-TTLS AVP parser allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication, leading to excessive memory allocation or a NULL pointer dereference.