A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.
CVE-2018-0158
Score elevated to 9.0 because this CVE is listed on the CISA Known Exploited Vulnerabilities catalog (added 2022-03-03), indicating real-world exploitation has been confirmed by US federal agencies. NVD baseline CVSS 8.6 retained for reference. Confidence: HIGH.
- Actively exploited in the wild (CISA-KEV)
No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.
- CVSS v3
- 8.6
- EG Score
- 9.0(high)
- EPSS
- 93.7%
- KEV
- ⚠ Exploited
Published
March 28, 2018
Last Modified
January 14, 2026
Advisory Details (3)
Auto-updated Jun 2, 2026Cisco IOS and IOS XE Software Internet Key Exchange Memory Leak Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ikeWeakness Classification(3)
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Data Freshness Timeline
(refreshed 102× in last 7d / 435× in last 30d)
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
Showing the most recent 100 of 621 total refreshes for this CVE.
- 2026-07-11 18:49 UTCEG score recompute
- 2026-07-11 18:49 UTCGHSA enrichment
- 2026-07-11 15:07 UTCEG score recompute
- 2026-07-11 15:06 UTCGHSA enrichment
- 2026-07-11 11:23 UTCEG score recompute
- 2026-07-11 11:23 UTCGHSA enrichment
- 2026-07-11 08:24 UTCEPSS rescore
- 2026-07-11 07:40 UTCEG score recompute
- 2026-07-11 07:40 UTCGHSA enrichment
- 2026-07-11 03:57 UTCEG score recompute
- 2026-07-11 03:57 UTCGHSA enrichment
- 2026-07-11 00:14 UTCEG score recompute
- 2026-07-11 00:14 UTCGHSA enrichment
- 2026-07-10 20:31 UTCEG score recompute
- 2026-07-10 20:31 UTCGHSA enrichment
- 2026-07-10 17:52 UTCCISA KEV update
- 2026-07-10 16:49 UTCEG score recompute
- 2026-07-10 16:49 UTCGHSA enrichment
- 2026-07-10 13:07 UTCEG score recompute
- 2026-07-10 13:07 UTCGHSA enrichment
- 2026-07-10 09:25 UTCEG score recompute
- 2026-07-10 09:24 UTCGHSA enrichment
- 2026-07-10 05:41 UTCEG score recompute
- 2026-07-10 05:41 UTCGHSA enrichment
- 2026-07-10 01:58 UTCEG score recompute
Show 75 moreShow fewer
- 2026-07-10 01:58 UTCGHSA enrichment
- 2026-07-09 22:14 UTCEG score recompute
- 2026-07-09 22:14 UTCGHSA enrichment
- 2026-07-09 19:06 UTCEPSS rescore
- 2026-07-09 18:31 UTCEG score recompute
- 2026-07-09 18:31 UTCGHSA enrichment
- 2026-07-09 14:49 UTCEG score recompute
- 2026-07-09 14:49 UTCGHSA enrichment
- 2026-07-09 11:04 UTCEG score recompute
- 2026-07-09 11:04 UTCGHSA enrichment
- 2026-07-09 07:22 UTCEG score recompute
- 2026-07-09 07:22 UTCGHSA enrichment
- 2026-07-09 03:37 UTCEG score recompute
- 2026-07-09 03:37 UTCGHSA enrichment
- 2026-07-08 23:54 UTCEG score recompute
- 2026-07-08 23:54 UTCGHSA enrichment
- 2026-07-08 20:12 UTCEG score recompute
- 2026-07-08 20:11 UTCGHSA enrichment
- 2026-07-08 16:28 UTCEG score recompute
- 2026-07-08 16:28 UTCGHSA enrichment
- 2026-07-08 15:11 UTCEPSS rescore
- 2026-07-08 12:45 UTCEG score recompute
- 2026-07-08 12:44 UTCGHSA enrichment
- 2026-07-08 09:01 UTCEG score recompute
- 2026-07-08 09:01 UTCGHSA enrichment
- 2026-07-08 05:18 UTCEG score recompute
- 2026-07-08 05:18 UTCGHSA enrichment
- 2026-07-08 01:34 UTCEG score recompute
- 2026-07-08 01:34 UTCGHSA enrichment
- 2026-07-07 21:52 UTCEG score recompute
- 2026-07-07 21:51 UTCGHSA enrichment
- 2026-07-07 19:01 UTCCISA KEV update
- 2026-07-07 18:08 UTCEG score recompute
- 2026-07-07 18:08 UTCGHSA enrichment
- 2026-07-07 17:16 UTCCISA KEV update
- 2026-07-07 14:24 UTCEG score recompute
- 2026-07-07 14:24 UTCGHSA enrichment
- 2026-07-07 13:42 UTCEPSS rescore
- 2026-07-07 10:39 UTCEG score recompute
- 2026-07-07 10:39 UTCGHSA enrichment
- 2026-07-07 06:52 UTCEG score recompute
- 2026-07-07 06:52 UTCGHSA enrichment
- 2026-07-07 03:08 UTCEG score recompute
- 2026-07-07 03:08 UTCGHSA enrichment
- 2026-07-06 23:25 UTCEG score recompute
- 2026-07-06 23:25 UTCGHSA enrichment
- 2026-07-06 19:42 UTCEG score recompute
- 2026-07-06 19:42 UTCGHSA enrichment
- 2026-07-06 16:24 UTCEPSS rescore
- 2026-07-06 16:24 UTCEPSS rescore
- 2026-07-06 15:56 UTCEG score recompute
- 2026-07-06 15:56 UTCGHSA enrichment
- 2026-07-06 12:13 UTCEG score recompute
- 2026-07-06 12:13 UTCGHSA enrichment
- 2026-07-06 08:31 UTCEG score recompute
- 2026-07-06 08:30 UTCGHSA enrichment
- 2026-07-06 04:45 UTCEG score recompute
- 2026-07-06 04:45 UTCGHSA enrichment
- 2026-07-06 02:20 UTCEPSS rescore
- 2026-07-06 02:20 UTCEPSS rescore
- 2026-07-06 01:01 UTCEG score recompute
- 2026-07-06 01:01 UTCGHSA enrichment
- 2026-07-05 21:17 UTCEG score recompute
- 2026-07-05 21:17 UTCGHSA enrichment
- 2026-07-05 17:35 UTCEG score recompute
- 2026-07-05 17:35 UTCGHSA enrichment
- 2026-07-05 13:51 UTCEG score recompute
- 2026-07-05 13:50 UTCGHSA enrichment
- 2026-07-05 10:07 UTCEG score recompute
- 2026-07-05 10:06 UTCGHSA enrichment
- 2026-07-05 06:23 UTCEG score recompute
- 2026-07-05 06:23 UTCGHSA enrichment
- 2026-07-05 02:38 UTCEG score recompute
- 2026-07-05 02:38 UTCGHSA enrichment
- 2026-07-05 02:27 UTCEPSS rescore
Related CVEs(same CWE)
Same CWE
10 shownCWE-20 · CWE-772
- CVE-2002-2444EG 9.8CRITICAL
- CVE-2003-0132NVD 0.0EG 9.0EPSS 100%NONE
- CVE-2002-1359NVD 0.0EG 9.0EPSS 100%NONE
- CVE-2000-0380NVD 0.0EG 9.0EPSS 98%NONE
- CVE-2001-0830EG 7.5EPSS 92%HIGH
- CVE-2000-0258EG 7.5EPSS 97%HIGH
- CVE-1999-1127EG 7.5EPSS 97%HIGH
- CVE-2002-2443EG 0.0EPSS 93%NONE
- CVE-2002-2433EG 0.0NONE
- CVE-2003-1569EG 0.0NONE
Frequently asked(6)
What is CVE-2018-0158?
When was CVE-2018-0158 disclosed?
Is CVE-2018-0158 actively exploited?
What is the CVSS score of CVE-2018-0158?
Which products are affected by CVE-2018-0158?
How do I remediate CVE-2018-0158?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2018-0158
Is Your Infrastructure Affected by CVE-2018-0158?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.