Strongswan: >> Strongswan >> 5.9.10 Security Vulnerabilities
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.
CVSS Score
9.8
EPSS Score
0.109
Published
2023-12-07