"New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks"
A high-severity security vulnerability is impacting Service Location Protocol (SLP). The vulnerability could be exploited to launch volumetric Denial-of-Service attacks against targets. Bitsight and Curesec researchers stated that attackers exploiting this vulnerability could use vulnerable instances to execute massive DoS amplification attacks with a factor of up to 2200 times, potentially making it one of the largest amplification attacks ever reported. It is estimated that the vulnerability, tracked as CVE-2023-29552 with a CVSS score of 8.6, affects more than 2,000 global organizations and over 54,000 Internet-accessible SLP instances. This includes over 600 product types, including VMWare ESXi Hypervisor, Konica Minolta printers, Planex Routers, IBM Integrated Management Module (IMM), and SMC IPMI. The US, the UK, Japan, Germany, Canada, France, Italy, Brazil, the Netherlands, and Spain are the top 10 countries with the most organizations using SLP instances that are vulnerable. SLP is a service discovery protocol that enables computers and other devices to find printers, file servers, and other network resources in a Local Area Network (LAN). The successful exploitation of CVE-2023-29552 could allow an attacker to leverage vulnerable SLP instances to launch a reflection amplification attack and overwhelm a target server with garbage traffic. This article continues to discuss the potential exploitation and impact of the high-severity security vulnerability impacting Service Location Protocol (SLP).
THN reports "New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks"