CVE-2022-20742

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel.

Published: May 3, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-20742
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.4
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / firepower_threat_defense	7.1.0	7.1.0.x
cisco / firepower_threat_defense	6.5.0	6.6.5.2
cisco / firepower_threat_defense	-	6.4.0.15
cisco / firepower_threat_defense	7.0.0	7.0.2
cisco / adaptive_security_appliance_software	9.17.0	9.17.1.7
cisco / adaptive_security_appliance_software	9.16.0	9.16.2.14
cisco / adaptive_security_appliance_software	9.15.0	9.15.1.21
cisco / adaptive_security_appliance_software	-	9.12.4.38
cisco / adaptive_security_appliance_software	9.13.0	9.14.4

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipsec-mitm-CKnLr4

Vulnerability Database

289,599

CVE-2022-20742