CVE-2026-35330

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-35330. PoCs published by Lukas Johannes Moeller.

AI-analyzed exploit summary This exploit demonstrates a heap buffer overflow in strongSwan's EAP-SIM/AKA plugin due to an integer underflow in the `parse_attributes` function when processing a crafted EAP-SIM message with a zero-length attribute. The PoC triggers a heap-buffer-overflow WRITE under ASan or a SIGSEGV in production environments.

Description

strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow

Exploits (1)

exploitdb WORKING POC

by Lukas Johannes Moeller · cremotemultiple

https://www.exploit-db.com/exploits/52587

View Code ZIP pw:eip

This exploit demonstrates a heap buffer overflow in strongSwan's EAP-SIM/AKA plugin due to an integer underflow in the `parse_attributes` function when processing a crafted EAP-SIM message with a zero-length attribute. The PoC triggers a heap-buffer-overflow WRITE under ASan or a SIGSEGV in production environments.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: strongSwan <= 5.9.13 (with eap-sim or eap-aka plugin built)

No auth needed

Prerequisites: strongSwan with EAP-SIM/AKA plugin enabled · network access to target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed May 30, 2026 Full analysis →

strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow

Exploitation Summary

Description

Exploits (1)

Details