Executive Summary

Title IKEv1 Main Mode vulnerable to brute force attacks
Name VU#857035 First vendor Publication 2018-08-14
Vendor VU-CERT Last vendor Modification 2018-08-17
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


Vulnerability Note VU#857035

IKEv1 Main Mode vulnerable to brute force attacks

Original Release date: 14 Aug 2018 | Last revised: 17 Aug 2018


Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.


The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. (CVE-2018-5389)

It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode however, only an online attack against PSK authentication was thought to be feasible.


An attacker may be able to recover a weak Pre-Shared Key.


Use Secure Passwords
Use cryptographically secure PSK values that resist brute force or dictionary attacks.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
Netgear, Inc.Not Affected18 Jul 201817 Aug 2018
3com IncUnknown18 Jul 201818 Jul 2018
ACCESSUnknown18 Jul 201818 Jul 2018
ActiontecUnknown18 Jul 201818 Jul 2018
ADTRANUnknown18 Jul 201818 Jul 2018
aep NETWORKSUnknown18 Jul 201818 Jul 2018
AirWatchUnknown18 Jul 201818 Jul 2018
Alcatel-Lucent EnterpriseUnknown18 Jul 201818 Jul 2018
AmazonUnknown18 Jul 201818 Jul 2018
Android Open Source ProjectUnknown18 Jul 201818 Jul 2018
Appgate Network SecurityUnknown18 Jul 201818 Jul 2018
AppleUnknown18 Jul 201818 Jul 2018
Arch LinuxUnknown18 Jul 201818 Jul 2018
Arista Networks, Inc.Unknown18 Jul 201818 Jul 2018
ARRISUnknown18 Jul 201818 Jul 2018
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)



  • https://web-in-security.blogspot.com/2018/08/practical-dictionary-attack-on-ipsec-ike.html
  • https://www.usenix.org/conference/usenixsecurity18/presentation/felsch
  • https://blogs.cisco.com/security/great-cipher-but-where-did-you-get-that-key


Thanks to Martin Grothe, Joerg Schwenk, and Dennis Felsch for reporting this vulnerability.

This document was written by Trent Novelly.

Other Information

  • CVE IDs:CVE-2018-5389
  • Date Public:14 Aug 2018
  • Date First Published:14 Aug 2018
  • Date Last Updated:17 Aug 2018
  • Document Revision:14


If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/857035

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-521 Weak Password Requirements

CPE : Common Platform Enumeration

Application 1

Alert History

If you want to see full details history, please login or register.
Date Informations
2018-11-14 21:21:45
  • Multiple Updates
2018-09-07 00:21:31
  • Multiple Updates
2018-08-17 21:19:11
  • Multiple Updates
2018-08-15 05:17:24
  • Multiple Updates
2018-08-15 00:18:49
  • First insertion