CVE-2023-26463
Last modified
CVE-2023-26463 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. EPSS estimates a 2.26% chance of exploitation in the next 30 days.
Description
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrusted client certificate during EAP-TLS. A server is affected only if it loads plugins that implement TLS-based EAP methods (EAP-TLS, EAP-TTLS, EAP-PEAP, or EAP-TNC). This is fixed in 5.9.10.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Strongswan | Strongswan | 5.9.8 |
| Strongswan | Strongswan | 5.9.9 |
References
- https://github.com/strongswan/strongswan/releasesRelease Notes
- https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-%28cve-2023-26463%29.htmlMitigation, Vendor Advisory
- https://github.com/strongswan/strongswan/releasesRelease Notes
- https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-%28cve-2023-26463%29.htmlMitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-26463?
How severe is CVE-2023-26463?
How do I fix CVE-2023-26463?
Are you affected by CVE-2023-26463?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST