The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue is a denial-of-service (DoS) vulnerability that could be weaponized to launch large DoS amplification attacks.
It was disclosed by Bitsight and Curesec earlier this April.
“The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor,” CISA said.
SLP is a protocol that allows systems on a local area network (LAN) to discover each other and establish communications.
The exact details surrounding the nature of exploitation of the flaw are currently unknown, but Bitsight previously warned that the shortcoming could be exploited to stage DoS attacks with a high amplification factor.
“This extremely high amplification factor allows for an under-resourced threat actor to have a significant impact on a targeted network and/or server via a reflection DoS amplification attack,” it said.
In light of real-world attacks exploiting the flaw, federal agencies are required to apply the necessary mitigations, including disabling the SLP service on systems running on untrusted networks, by November 29, 2023, to secure their networks against potential threats.
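For defenders who cannot disable SLP everywhere right away, the following added example (not from CISA, Bitsight or the original article) shows a flow-log check for an SLP service being used as a reflector: replies from the SLP port that dwarf the requests attributed to the same peer. The tuple record layout, the thresholds and the sample flows are assumptions constructed for illustration; UDP port 427 is the IANA-registered SLP port and is not stated in the article.

```python
from collections import defaultdict

SLP_PORT = 427  # IANA-registered SLP port (svrloc); assumption, not named in the article

# Constructed flow records: (src_ip, src_port, dst_ip, dst_port, proto, bytes)
SAMPLE_FLOWS = [
    # Small requests that claim to come from 198.51.100.7, large replies sent to it
    ("198.51.100.7", 40000, "192.0.2.10", 427, "udp", 50),
    ("198.51.100.7", 40001, "192.0.2.10", 427, "udp", 50),
    ("192.0.2.10", 427, "198.51.100.7", 40000, "udp", 30000),
    ("192.0.2.10", 427, "198.51.100.7", 40001, "udp", 30000),
    # Ordinary LAN discovery: the reply is only modestly larger than the request
    ("10.0.0.5", 51000, "192.0.2.10", 427, "udp", 60),
    ("192.0.2.10", 427, "10.0.0.5", 51000, "udp", 180),
    # Non-SLP and non-UDP traffic must be ignored
    ("10.0.0.6", 52000, "192.0.2.20", 53, "udp", 40),
    ("192.0.2.20", 53, "10.0.0.6", 52000, "udp", 4000),
    ("10.0.0.9", 53000, "192.0.2.10", 427, "tcp", 50),
]


def slp_reflection_suspects(flows, min_ratio=10.0, min_reply_bytes=10_000):
    """Return (server, peer) pairs whose SLP replies far exceed the requests.

    min_ratio and min_reply_bytes are illustrative thresholds; tune them
    against a baseline of legitimate SLP traffic on your own network.
    """
    requests = defaultdict(int)  # (server, peer) -> bytes sent to the SLP port
    replies = defaultdict(int)   # (server, peer) -> bytes sent from the SLP port
    for src, sport, dst, dport, proto, nbytes in flows:
        if proto != "udp":
            continue
        if dport == SLP_PORT and sport != SLP_PORT:
            requests[(dst, src)] += nbytes
        elif sport == SLP_PORT and dport != SLP_PORT:
            replies[(src, dst)] += nbytes

    suspects = []
    for (server, peer), out_bytes in replies.items():
        in_bytes = requests.get((server, peer), 0)
        # Replies with no recorded request are treated as maximally suspicious
        ratio = out_bytes / in_bytes if in_bytes else float("inf")
        if out_bytes >= min_reply_bytes and ratio >= min_ratio:
            suspects.append({"server": server, "peer": peer,
                             "request_bytes": in_bytes,
                             "reply_bytes": out_bytes,
                             "ratio": round(ratio, 1)})
    return sorted(suspects, key=lambda s: s["reply_bytes"], reverse=True)


if __name__ == "__main__":
    for hit in slp_reflection_suspects(SAMPLE_FLOWS):
        print(hit)
```

A flagged pair means the listed server is answering SLP over UDP from a network where spoofed requests can reach it, which is the exposure the mitigation above removes.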