Critical Vulnerability in Kea DHCP Server Allows Remote Crash
Severity: High (Score: 72.0)
Sources: Cybersecuritynews, Gbhackers
Summary
The Internet Systems Consortium (ISC) has issued a critical security advisory for a high-severity vulnerability in the Kea DHCP server, tracked as CVE-2026-3608. The vulnerability, published on 2026-03-25, permits unauthenticated remote attackers to exploit a stack overflow error that crashes the receiving daemon. The flaw poses a significant risk to enterprise networks and internet service providers that use the Kea DHCP server to manage IP allocations. Network administrators are urged to take immediate action to mitigate potential disruptions. The scope of impact includes essential network services that rely on the Kea DHCP server, potentially affecting millions of users. As of the advisory date, there are no known exploits in the wild, but the severity of the vulnerability necessitates prompt attention.
Key Points
- CVE-2026-3608 allows unauthenticated remote attackers to crash the Kea DHCP server.
- The vulnerability affects enterprise networks and ISPs using the Kea DHCP server.
- Immediate action is recommended to prevent service disruptions.
Key Entities
- Internet Systems Consortium (company)
- CVE-2026-3608 (cve)
- Kea DHCP Server (platform)