CyberSecurityBoard
Sponsor Register Login

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday added a high-severity flaw in the Service Location Protocol to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552, the issue relates to a denial-of-service vulnerability that could be weaponized to launch massive DoS amplification attacks. It was disclosed by Bitsight and Curesec earlier this April. "The Service Location Protocol contains a denial-of-service vulnerability that could allow an unauthenticated, remote attacker to register services and use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor," CISA said. SLP is a protocol that allows systems on a local area network to discover each other and establish communications. The exact details surrounding the nature of exploitation of the flaw are currently unknown, but Bitsight previously warned that the shortcoming could be exploited to stage DoS with a high amplification factor. "This extremely high amplification factor allows for an under-resourced threat actor to have a significant impact on a targeted network and/or server via a reflection DoS amplification attack," it said. In light of real-world attacks employing the flaw, federal agencies are required to apply the necessary mitigations, including disabling the SLP service on systems running on untrusted networks, by November 29, 2023, to secure their networks against potential threats.

This Cyber News was published on thehackernews.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
9 months ago Securityaffairs.com
CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
5 months ago Therecord.media
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation - The U.S. Cybersecurity and Infrastructure Security Agency on Wednesday added a high-severity flaw in the Service Location Protocol to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552, the ...
1 year ago Thehackernews.com CVE-2023-29552
Enabling Threat-Informed Cybersecurity: Evolving CISA's Approach to Cyber Threat Information Sharing - One of CISA's most important and enduring roles is providing timely and actionable cybersecurity information to our partners across the country. Nearly a decade ago, CISA stood up our Automated Indicator Sharing, or AIS, program to widely exchange ...
1 year ago Cisa.gov
How Data Ingestion Works in SOAR - SOAR tools work as consolidation platforms for security alerts and incident response. Endpoint security tools, network security tools, email systems, and other tools collect logs, run detection rules and generate alerts. SOAR then ingests those ...
1 year ago Securityboulevard.com
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
1 year ago Securityweek.com
Avoid high cyber insurance costs by improving Active Directory security - Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and ...
11 months ago Bleepingcomputer.com
CISA: Critical Ivanti auth bypass bug now actively exploited - CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile and MobileIron Core device management software is now under active exploitation. Tracked as CVE-2023-35082, the flaw is a remote unauthenticated API ...
1 year ago Bleepingcomputer.com CVE-2023-35082
Cybersecurity Performance Goals: Assessing How CPGs Help Organizations Reduce Cyber Risk - In October 2022, CISA released the Cybersecurity Performance Goals to help organizations of all sizes and at all levels of cyber maturity become confident in their cybersecurity posture and reduce business risk. Earlier this summer, CISA outlined ...
1 year ago Cisa.gov
CISA confirms compromise of its Ivanti systems - CISA confirmed two of its internal systems were breached by a threat actor that exploited flaws in Ivanti products used by the U.S. cybersecurity agency. Ivanti on Jan. 10 disclosed two zero-day vulnerabilities that were under exploitation by a ...
1 year ago Techtarget.com CVE-2023-46805 CVE-2024-21887
CISA to Congress: US Under Threat of Chemical Attacks - CISA warned this week that facilities maintaining dangerous chemicals across the US are no longer receiving adequate security support. Compared with such industries as energy, water, and telecoms, cybersecurity professionals tend to be less au ...
1 year ago Darkreading.com
Securing Tomorrow: A Recap of CISA's Cyber Resilient 911 Symposium - CISA's Emergency Communications Division spearheaded the Cyber Resilient 911 Program's fourth regional symposium, which included CISA Regions 5 and 7. Among the attendees were state 911 administrators, representatives from 911 centers, IT/cyber ...
9 months ago Cisa.gov
Optigo Networks ONS-S8 Spectra Aggregation Switch | CISA - CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial ...
5 months ago Cisa.gov CVE-2024-41925 CVE-2024-45367
CISA reveals how fed agency succumbed to ColdFusion attacks The Register - CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability. The vulnerability, tracked as CVE-2023-26360, was disclosed in March ...
1 year ago Go.theregister.com CVE-2023-26360
EuroTel ETL3100 Radio Transmitter - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to gain full access to the system, disclose sensitive information, or access hidden resources. EuroTel ETL3100 versions v01c01 and v01x37 does ...
1 year ago Cisa.gov CVE-2023-6928 CVE-2023-6929 CVE-2023-6930
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware - Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app, warning that it is detected as the 'TrojanSMS-PA' malware. In what appears to be a false positive, these security ...
1 year ago Bleepingcomputer.com Rocke
Five Eyes Agencies Put Focus on Active Directory Threats - Security Boulevard - Cybersecurity agencies in the United States and other countries are urging organizations to harden the security around Microsoft’s Active Director (AD) solution, which has become a prime target of hackers looking to compromise enterprise networks. ...
5 months ago Securityboulevard.com
Mitsubishi Electric Electrical Discharge Machines - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to disclose, tamper with, destroy or delete information in the products, or cause a denial-of-service condition on the products. Remote code execution ...
1 year ago Cisa.gov CVE-2023-21554
CVE-2020-11072 - In SLP Validate (npm package slp-validate) before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result ...
4 years ago
CISA warns of actively exploited Juniper pre-auth RCE exploit chain - CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution attacks as part of a pre-auth exploit chain. The alert comes one week after Juniper updated its ...
1 year ago Bleepingcomputer.com
Mitsubishi Electric FA Engineering Software Products - RISK EVALUATION. Successful exploitation of this vulnerability could allow a malicious attacker to execute malicious code by tricking legitimate users to open a specially crafted project file, which could result in information disclosure, tampering ...
1 year ago Cisa.gov CVE-2023-5247
Delta Electronics DOPSoft - RISK EVALUATION. Successful exploitation of this vulnerability could lead to remote code execution. The affected product is vulnerable to a stack-based buffer overflow, which may allow for arbitrary code execution if an attacker can lead a legitimate ...
1 year ago Cisa.gov CVE-2023-5944
WAGO PFC200 Series - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker with administrative privileges to access sensitive files in an unintended, undocumented way. Compact Controller CC100: Versions later than FW19, up to and ...
1 year ago Cisa.gov CVE-2023-4089
Delta Electronics InfraSuite Device Master - RISK EVALUATION. Successful exploitation of this vulnerability could allow remote code execution. Delta Electronics InfraSuite Device Master contains a deserialization of untrusted data vulnerability because it runs a version of Apache ActiveMQ which ...
10 months ago Cisa.gov CVE-2023-46604
Siemens SCALANCE and RUGGEDCOM M-800/S615 Family - As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT ...
1 year ago Cisa.gov CVE-2023-44317 CVE-2023-49692

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)