Vulnerabilities > CVE-2021-43547 - Insufficient Control of Network Message Volume (Network Amplification) vulnerability in Twinoakscomputing Coredx DDS

CVSS 8.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

twinoakscomputing

CWE-406

NVD

Published: 2022-05-05

Updated: 2022-05-13

Summary

TwinOaks Computing CoreDX DDS versions prior to 5.9.1 are susceptible to exploitation when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure.

Vulnerable Configurations

Part	Description	Count
Application	Twinoakscomputing Twinoakscomputing Coredx DDS *	1

Common Weakness Enumeration (CWE)

CWE-406 - Insufficient Control of Network Message Volume (Network Amplification)

References

http://www.twinoakscomputing.com/coredx/download
https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02