ET EXPLOIT IKEv2 Invalid Fragmented IKE_AUTH (CVE-2026-33824)

SID: 2069043Rev: 18 viewsHistory

Sourceet/open

CreatedApril 28, 2026

UpdatedApril 28, 2026

Classificationattempted-user

alert udp any any -> $HOME_NET [500,4500] (msg:"ET EXPLOIT IKEv2 Invalid Fragmented IKE_AUTH (CVE-2026-33824)"; flow:stateless,to_server; flowbits:isset,ET.IKE.MS_Sec_VID; content:"|35 20 23 08 00 00 00 01|"; offset:16; depth:8; reference:url,www.zerodayinitiative.com/blog/2026/4/22/cve-2026-33824-remote-code-execution-in-windows-ikev2; reference:cve,2026-33824; classtype:attempted-user; sid:2069043; rev:1; metadata:attack_target Server, created_at 2026_04_28, cve CVE_2026_33824, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2026_04_28; target:dest_ip;)

References

url	www.zerodayinitiative.com/blog/2026/4/22/cve-2026-33824-remote-code-execution-in-windows-ikev2
cve	2026-33824

Metadata

attack targetServer

created at2026_04_28

cveCVE-2026-33824

deploymentInternal

confidenceMedium

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2026_04_28

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!