Tuesday, April 25, 2023

New SLP Vulnerability to play catalyst to 2000x DDoS attacks

A DDoS Attack is the bombardment of fake internet traffic onto an application server, thus disrupting its operations, leading to its unavailability to genuine traffic. Now, imagine what will happen if the intensity of such attacks increases by 2000 times if/when hackers exploit a vulnerability to amplify the attack resulting in a high scale denial of service attack.

Assigned with an ID tag of CVE- 2023-29552, the flaw if exploited can impact over 2,000 organizations and can spill data from over 54,000 SLP instances…. now that’s interesting!

These details were disclosed by researchers from BitSight and Curesec who issued an immediate alert to almost 700 product types, including Planex Routers, IBM Integrated Management Module, SMC IPMI, Konica Minolta Printers, and Vmware ESXi Hypervisors.

According to a report released by the security researchers, the exposed organizations to vulnerable SLP Instances could be from 10 countries- USA, UK, Japan, Germany, Canada, France, Italy, Brazil, and Netherlands along with Spain.

NOTE- Till date, and as per the analysis of Cloudflare, the biggest distributed denial of service attack took place in September 2017 and was targeted at Google services at 2.54tbps. AWS also experienced a similar attack in February 2020, with incoming traffic reaching a rate of 2.3 TB per second. Technically speaking, all these attacks do not exceed 10 Gbps rate per seconds. But attacks of such rate are also high enough to disrupt websites and applications offline for at least 12-15 hours.

 

The post New SLP Vulnerability to play catalyst to 2000x DDoS attacks appeared first on Cybersecurity Insiders.


April 25, 2023 at 08:35PM

0 comments:

Post a Comment