EUVD-2026-21197

An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service DoS. If an affected device receives a...

CVE-2026-33778

An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service DoS. If an affected device receives a...

CVE-2026-33778

CVE-2026-33778 affects Junos OS on SRX Series and MX Series. The vulnerability is in the IPsec library used by kmd/iked, where processing a specifically malformed first ISAKMP packet can cause the kmd/iked process to crash and restart. This results in a momentary inability to establish new securi...

Exploit for Out-of-bounds Write in Watchguard Fireware

CVE-2025-14733 — WatchGuard Firebox iked Out-of-Bounds Write A...

WatchGuard Firebox OS 2025.1 / 12.x < 12.11.4 / 12.5.x < 12.5.13 / 11.x Out of Bounds Write Vulnerability

According to its self-reported version, the instance of WatchGuard Firebox OS running on the remote host is 2025.1, 12.x prior to 12.11.4, 12.5.x prior to 12.5.13, or 11.x. It is, therefore, affected by out of bounds Write vulnerability. An Out-of-bounds Write vulnerability in the WatchGuard...

WatchGuard Firebox Out-of-Bounds Write Vulnerability

WatchGuard Firebox contains an out-of-bounds write vulnerability in the OS iked process that may allow a remote unauthenticated attacker to execute arbitrary code...

PT-2025-38127

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.11.3 WatchGuard Fireware OS version 2025.1 Description An out-of-bounds write vulnerability exists in WatchGuard Fireware OS,...

CVE-2024-39545

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...

CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...

PT-2024-28525 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S8 Junos OS versions from 21.4 before 21.4R3-S7 Junos OS versions from 22.1 before 22.1R3-S2 Junos OS versions from 22.2 before 22.2R3-S1 Junos OS versions from 22.3 before 22.3R2-S1, 22.3R3 Junos OS versions...

CVE-2024-21609

A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service DoS. If...

PT-2024-2885 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 20.4R3-S9 Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S7 Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S5 Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S4 Juniper...

SUSE CVE-2010-3361

The 1 iked, 2 ikea, and 3 ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2023-22404

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

Cross site scripting

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

Juniper Junos OS Vulnerability (JSA70200)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70200 advisory. - An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated,...

CVE-2023-22404 Junos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

CVE-2023-22404 Junos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

PT-2023-1061 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.3R3-S7 Junos OS versions 19.4 prior to 19.4R3-S9 Junos OS versions 20.2 prior to 20.2R3-S5 Junos OS versions 20.3 prior to 20.3R3-S5 Junos OS versions 20.4 prior to 20.4R3-S4 Junos OS versions 21.1 prior to...

Shrew Soft VPN Client 2.2.2 - &#039;iked&#039; Unquoted Service Path

Exploit Title: Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path Date: 2019-11-14 Exploit Author: D.Goedecke Vendor Homepage: www.shrew.net Software Link: https://www.shrew.net/download/vpn/vpn-client-2.2.2-release.exe Version: 2.2.2 Tested on: Windows 10 64bit C:\Users\userwmic service...