Massive DDoS attacks possible with new SLP vulnerability

BleepingComputer reports that significant distributed denial-of-service attacks with 2,200 times amplification could be launched by exploiting a new vulnerability in the Service Location Protocol (SLP), tracked as CVE-2023-29552. Attackers have been leveraging the vulnerability to increase the UDP response size of targeted servers to a maximum amplification factor of 2,200X, according to a report from BitSight, which jointly discovered the bug with Curesec. "This extremely high amplification factor allows for an under-resourced threat actor to have a significant impact on a targeted network and/or server via a reflective DoS amplification attack," said BitSight. Nearly 54,000 SLP instances, including VMware ESXi Hypervisors, IBM Integrated Management Modules, Planex routers, and Konica Minolta printers, used across more than 2,000 organizations around the world, could be compromised using the flaw. The U.S., Canada, Japan, France, Germany, and the U.K. had the most vulnerable SLP instances, with numerous Fortune 500 firms in the technology, healthcare, telecommunications, finance, hospitality, insurance, and transportation sectors being most impacted, the report showed.
