The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue is a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS amplification attacks.
It was disclosed by Bitsight and Curesec earlier this April.
“The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that might enable an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a major amplification factor,” CISA stated.
SLP is a protocol that allows systems on a local area network (LAN) to discover each other and establish communications.
The exact details surrounding the nature of exploitation of the flaw are currently unknown, but Bitsight previously warned that the shortcoming could be exploited to stage DoS attacks with a high amplification factor.
“This extremely high amplification factor allows for an under-resourced threat actor to have a major impact on a targeted network and/or server via a reflection DoS amplification attack,” it stated.
In light of real-world attacks exploiting the flaw, federal agencies are required to apply the necessary mitigations, including disabling the SLP service on systems running on untrusted networks, by November 29, 2023, to secure their networks against potential threats.
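
One way a network defender could spot SLP servers being used as reflectors in the amplification pattern described above, as an added example that is not part of the original article. It assumes a constructed flow-record tuple format, SLP's registered UDP port 427 (not stated in the article), and an arbitrary ratio threshold.

```python
from collections import defaultdict

SLP_PORT = 427  # IANA-registered SLP port (svrloc); assumption, not from the article

# Constructed flow records: (src_ip, src_port, dst_ip, dst_port, proto, bytes)
SAMPLE_FLOWS = [
    ("198.51.100.7", 40000, "192.0.2.10", 427, "udp", 29),
    ("192.0.2.10", 427, "198.51.100.7", 40000, "udp", 48000),
    ("198.51.100.7", 40001, "192.0.2.10", 427, "udp", 29),
    ("192.0.2.10", 427, "198.51.100.7", 40001, "udp", 52000),
    ("10.0.0.5", 51000, "192.0.2.20", 427, "udp", 60),   # ordinary lookup
    ("192.0.2.20", 427, "10.0.0.5", 51000, "udp", 180),
    ("10.0.0.5", 51001, "192.0.2.30", 53, "udp", 40),    # not SLP, ignored
    ("192.0.2.30", 53, "10.0.0.5", 51001, "udp", 4000),
]


def slp_amplification_suspects(flows, min_ratio=10.0):
    """Return {(slp_server, peer): ratio} where UDP/427 replies dwarf requests.

    min_ratio is a hypothetical tuning threshold, not a value from the article.
    """
    req = defaultdict(int)  # bytes sent to the SLP server, keyed (server, peer)
    rsp = defaultdict(int)  # bytes sent by the SLP server, keyed (server, peer)
    for src, sport, dst, dport, proto, nbytes in flows:
        if proto != "udp":
            continue
        if dport == SLP_PORT:
            req[(dst, src)] += nbytes
        elif sport == SLP_PORT:
            rsp[(src, dst)] += nbytes
    suspects = {}
    for pair, out_bytes in rsp.items():
        in_bytes = req.get(pair, 0)
        # Replies with no observed request count as an unbounded ratio.
        ratio = out_bytes / in_bytes if in_bytes else float("inf")
        if ratio >= min_ratio:
            suspects[pair] = round(ratio, 1)
    return suspects


if __name__ == "__main__":
    for (server, peer), ratio in slp_amplification_suspects(SAMPLE_FLOWS).items():
        print(f"{server} -> {peer}: reply/request byte ratio {ratio}")
```

Because the request source address is spoofed in a reflection attack, the `peer` in a flagged pair is the likely target rather than the sender of the requests.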