
High-Severity SLP Vulnerability Now Under Active Exploitation


Nov 09, 2023 | Newsroom | Cyber Attack / Vulnerability


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch large DoS amplification attacks.

It was disclosed by Bitsight and Curesec earlier this April.


“The Service Location Protocol (SLP) contains a denial-of-service (DoS) vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor,” CISA said.

SLP is a protocol that allows systems on a local area network (LAN) to discover each other and establish communications.

The exact details surrounding the nature of exploitation of the flaw are currently unknown, but Bitsight previously warned that the shortcoming could be exploited to stage DoS with a high amplification factor.

“This extremely high amplification factor allows for an under-resourced threat actor to have a significant impact on a targeted network and/or server via a reflection DoS amplification attack,” it said.

In light of real-world attacks employing the flaw, federal agencies are required to apply the necessary mitigations, including disabling the SLP service on systems running on untrusted networks, by November 29, 2023, to secure their networks against potential threats.
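
Where SLP cannot be disabled immediately, flow records can show whether a host is already answering on SLP with far more data than it receives, which is the reflection pattern CISA and Bitsight describe. The following is an added example, not part of the original article: the CSV flow format, field names, alert threshold and addresses are constructed assumptions, and UDP port 427 is SLP's registered port (RFC 2608).

```python
import csv
import io
from collections import defaultdict

SLP_PORT = 427          # SLP's registered UDP port (RFC 2608)
RATIO_THRESHOLD = 10.0  # assumed alert threshold; tune to the local baseline

# Constructed flow records using documentation address ranges, not real traffic.
SAMPLE_FLOWS = """proto,src_ip,src_port,dst_ip,dst_port,bytes
udp,198.51.100.7,40000,192.0.2.10,427,29
udp,192.0.2.10,427,198.51.100.7,40000,1400
udp,198.51.100.7,40001,192.0.2.10,427,29
udp,192.0.2.10,427,198.51.100.7,40001,1400
udp,203.0.113.5,51000,192.0.2.20,427,60
udp,192.0.2.20,427,203.0.113.5,51000,120
tcp,203.0.113.5,51001,192.0.2.20,427,500
udp,203.0.113.9,53000,192.0.2.30,53,40
"""


def slp_reflection_candidates(flow_csv, threshold=RATIO_THRESHOLD):
    """Return {server_ip: (bytes_in, bytes_out, ratio)} for SLP responders whose
    UDP/427 reply volume is at least `threshold` times the request volume."""
    bytes_in = defaultdict(int)   # request bytes sent to server:427
    bytes_out = defaultdict(int)  # reply bytes sent from server:427
    for row in csv.DictReader(io.StringIO(flow_csv)):
        if row["proto"].lower() != "udp":
            continue  # the amplification issue concerns spoofed UDP traffic
        size = int(row["bytes"])
        if int(row["dst_port"]) == SLP_PORT:
            bytes_in[row["dst_ip"]] += size
        elif int(row["src_port"]) == SLP_PORT:
            bytes_out[row["src_ip"]] += size
    flagged = {}
    for server, sent in bytes_out.items():
        received = bytes_in.get(server, 0)
        # Replies with no observed request (asymmetric capture) count as infinite.
        ratio = sent / received if received else float("inf")
        if ratio >= threshold:
            flagged[server] = (received, sent, round(ratio, 1))
    return flagged


if __name__ == "__main__":
    for ip, (rx, tx, ratio) in slp_reflection_candidates(SAMPLE_FLOWS).items():
        print(f"{ip}: {rx} B in, {tx} B out on UDP/{SLP_PORT} (x{ratio})")
```

Hosts it flags are candidates for having the SLP service disabled or UDP/427 filtered at the network edge, in line with the mitigation above.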
