Security News > 2023 > November > CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday added a high-severity flaw in the Service Location Protocol to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation.
Tracked as CVE-2023-29552, the issue relates to a denial-of-service vulnerability that could be weaponized to launch massive DoS amplification attacks.
"The Service Location Protocol contains a denial-of-service vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor," CISA said.
The exact details surrounding the nature of exploitation of the flaw are currently unknown, but Bitsight previously warned that the shortcoming could be exploited to stage DoS with a high amplification factor.
"This extremely high amplification factor allows for an under-resourced threat actor to have a significant impact on a targeted network and/or server via a reflection DoS amplification attack," it said.
In light of real-world attacks employing the flaw, federal agencies are required to apply the necessary mitigations, including disabling the SLP service on systems running on untrusted networks, by November 29, 2023, to secure their networks against potential threats.
News URL
https://thehackernews.com/2023/11/cisa-alerts-high-severity-slp.html
Related news
- CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability (source)
- CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation (source)
- PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released (source)
- Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-29552 | The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. | 7.5 |