CVE-2023-41913 - OpenCVE

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Strongswan	Strongswan

Configuration 1 [-]

cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/strongswan/strongswan/releases
https://lists.debian.org/debian-lts-announce/2023/11/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/
https://lists.fedoraproject.org/archives/list/[email protected]/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/
https://security.netapp.com/advisory/ntap-20250117-0003/
https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-%28cve-2023-41913%29.html

History

Tue, 04 Nov 2025 20:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2023/11/msg00018.html

Tue, 04 Nov 2025 18:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.fedoraproject.org/archives/list/[email protected]/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.1093}`	epss `{'score': 0.11192}`

Fri, 17 Jan 2025 20:45:00 +0000

Type	Values Removed	Values Added
References		https://security.netapp.com/advisory/ntap-20250117-0003/

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-07T00:00:00.000Z

Updated: 2025-11-04T19:21:10.660Z

Reserved: 2023-09-05T00:00:00.000Z

Link: CVE-2023-41913

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-12-07T05:15:09.173

Modified: 2025-11-04T20:16:46.380

Link: CVE-2023-41913

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-41913", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-11-04T19:21:10.660Z", "dateReserved": "2023-09-05T00:00:00.000Z", "datePublished": "2023-12-07T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-11T03:06:10.932Z"}, "descriptions": [{"lang": "en", "value": "strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/strongswan/strongswan/releases"}, {"url": "https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-%28cve-2023-41913%29.html"}, {"name": "FEDORA-2024-6712c699fc", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/strongswan/strongswan/releases", "tags": ["x_transferred"]}, {"url": "https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-%28cve-2023-41913%29.html", "tags": ["x_transferred"]}, {"name": "FEDORA-2024-6712c699fc", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/"}, {"url": "https://security.netapp.com/advisory/ntap-20250117-0003/"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00018.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T19:21:10.660Z"}}]}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5256E77-93AF-47BF-BD3F-0148F8E9D0B4", "versionEndExcluding": "5.9.12", "versionStartIncluding": "5.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message."}, {"lang": "es", "value": "strongSwan anterior a 5.9.12 tiene un desbordamiento del b\u00fafer y una posible ejecuci\u00f3n remota de c\u00f3digo no autenticado a trav\u00e9s de un valor p\u00fablico DH que excede el b\u00fafer interno en el proxy DH de charon-tkm. La primera versi\u00f3n afectada es la 5.3.0. Un ataque puede ocurrir a trav\u00e9s de un mensaje IKE_SA_INIT manipulado."}], "id": "CVE-2023-41913", "lastModified": "2025-11-04T20:16:46.380", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-12-07T05:15:09.173", "references": [{"source": "[email protected]", "tags": ["Release Notes"], "url": "https://github.com/strongswan/strongswan/releases"}, {"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-%28cve-2023-41913%29.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://github.com/strongswan/strongswan/releases"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00018.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/YPJZPYHBCRXUQGGKQE6TYH4J4RIJH6HO/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20250117-0003/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-%28cve-2023-41913%29.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "[email protected]", "type": "Primary"}]}