KEVIntel
Back to KEVs
7.5
CVSS
High

CVE-2016-6415

PUBLISHED

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x,...

Exploited in the wild Remote Low complexity No user interaction
Vendor
Cisco
Product
IOS, IOS XE, IOS XR, PIX
Published
Sep 19, 2016
EPSS

Description

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.

ios cisa edge nessus_scanner

CVSS scores

CVSS v3.1 7.5 High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0 5.0

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitation status

Exploited in the wild

Recorded 2023-05-19 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
Yes
Technical impact
partial

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA May 19, 2023

Scanner integrations

Scanner Reference Detected
Nessus https://www.tenable.com/plugins/nessus/501829 Jun 02, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

3ndG4me/CVE-2016-6415-BenignCertain-Monitor

github · Created 2020-11-04 20:08:14 UTC · 11 stars

Re-implementation of VirtueSecurity's benigncertain-monitor

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Nessus