CVE-2024-20474: Integer Underflow

First published: Wed Oct 23 2024(Updated: )

A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software. Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.

Credit: ykramarz@cisco.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/weakness
• agent/references
• agent/type
• agent/first-publish-date
• agent/description
• agent/severity
• agent/author
• agent/event
• collector/mitre-cve
• source/MITRE
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• agent/last-modified-date
• agent/softwarecombine
• agent/tags
• vendor/cisco
• canonical/cisco anyconnect secure mobility client
• version/cisco anyconnect secure mobility client/4.9.00086
• version/cisco anyconnect secure mobility client/4.9.01095
• version/cisco anyconnect secure mobility client/4.9.02028
• version/cisco anyconnect secure mobility client/4.9.03047
• version/cisco anyconnect secure mobility client/4.9.03049
• version/cisco anyconnect secure mobility client/4.9.04043
• version/cisco anyconnect secure mobility client/4.9.04053
• version/cisco anyconnect secure mobility client/4.9.05042
• version/cisco anyconnect secure mobility client/4.9.06037
• canonical/cisco secure client
• version/cisco secure client/4.10.00093
• version/cisco secure client/4.10.01075
• version/cisco secure client/4.10.02086
• version/cisco secure client/4.10.03104
• version/cisco secure client/4.10.04065
• version/cisco secure client/4.10.04071
• version/cisco secure client/4.10.05085
• version/cisco secure client/4.10.05095
• version/cisco secure client/4.10.05111
• version/cisco secure client/4.10.06079
• version/cisco secure client/4.10.06090
• version/cisco secure client/4.10.07061
• version/cisco secure client/4.10.07062
• version/cisco secure client/4.10.07073
• version/cisco secure client/4.10.08025
• version/cisco secure client/4.10.08029
• version/cisco secure client/5.0.00238
• version/cisco secure client/5.0.00529
• version/cisco secure client/5.0.00556
• version/cisco secure client/5.0.01242
• version/cisco secure client/5.0.02075
• version/cisco secure client/5.0.03072
• version/cisco secure client/5.0.03076
• version/cisco secure client/5.0.04032
• version/cisco secure client/5.0.05040
• version/cisco secure client/5.1.0.136
• version/cisco secure client/5.1.1.42
• version/cisco secure client/5.1.2.42
• version/cisco secure client/5.1.3.62