CVE-2015-3966

Innominate mGuard Firmware < 8.1.7 - Authenticated Denial of Service via IPsec SA Compression

Title source: llm
STIX 2.1

Description

The IPsec SA establishment process on Innominate mGuard devices with firmware 8.x before 8.1.7 allows remote authenticated users to cause a denial of service (VPN service restart) by leveraging a peer relationship to send a crafted configuration with compression.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-239-03

Scores

EPSS 0.0162
EPSS Percentile 73.1%

Details

CWE
CWE-20
Status published
Products (10)
innominate/mguard_firmware 8.0.0
innominate/mguard_firmware 8.0.1
innominate/mguard_firmware 8.0.2
innominate/mguard_firmware 8.0.3
innominate/mguard_firmware 8.1.1
innominate/mguard_firmware 8.1.2
innominate/mguard_firmware 8.1.3
innominate/mguard_firmware 8.1.4
innominate/mguard_firmware 8.1.5
innominate/mguard_firmware 8.1.6
Published Aug 30, 2015
Tracked Since Feb 18, 2026