CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software

admin by admin
May 3, 2023
in Information Security


May 02, 2023Ravie LakshmananNetwork Security / Vulnerability

Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to achieve a denial-of-service (DoS) condition on vulnerable BGP peers.

The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source internet routing protocol suite for Linux and Unix platforms. It’s currently used by several vendors like NVIDIA Cumulus, DENT, and SONiC, posing supply chain risks.

The discovery is the result of an analysis of seven different implementations of BGP carried out by Forescout Vedere Labs: FRRouting, BIRD, OpenBGPd, Mikrotik RouterOS, Juniper JunOS, Cisco IOS, and Arista EOS.

BGP is a gateway protocol that’s designed to exchange routing and reachability information between autonomous systems. It’s used to find the most efficient routes for delivering internet traffic.

Cybersecurity

The list of three flaws is as follows –

  • CVE-2022-40302 (CVSS score: 6.5) – Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option.
  • CVE-2022-40318 (CVSS score: 6.5) – Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option.
  • CVE-2022-43681 (CVSS score: 6.5) – Out-of-bounds read when processing a malformed BGP OPEN message that abruptly ends with the option length octet.

The issues “could be exploited by attackers to achieve a DoS condition on vulnerable BGP peers, thus dropping all BGP sessions and routing tables and rendering the peer unresponsive,” the company said in a report shared with The Hacker News.

BGP Vulnerabilities

“The DoS condition may be prolonged indefinitely by repeatedly sending malformed packets. The main root cause is the same vulnerable code pattern copied into several functions related to different stages of parsing OPEN messages.”

A threat actor could spoof a valid IP address of a trusted BGP peer or exploit other flaws and misconfigurations to compromise a legitimate peer and then issue a specially-crafted unsolicited BGP OPEN message.

This is achieved by taking advantage of the fact that “FRRouting begins to process OPEN messages (e.g., decapsulating optional parameters) before it gets a chance to verify the BGP Identifier and ASN fields of the originating router.”

UPCOMING WEBINAR

Learn to Stop Ransomware with Real-Time Protection

Join our webinar and learn how to stop ransomware attacks in their tracks with real-time MFA and service account protection.

Save My Seat!

Forescout has also made available an open source tool called bgp_boofuzzer that allows organizations to test the security of the BGP suites used internally as well as find new flaws in BGP implementations.

“Modern BGP implementations still have low-hanging fruits that can be abused by attackers,” Forescout said. “To mitigate the risk of vulnerable BGP implementations, […] the best recommendation is to patch network infrastructure devices as often as possible.”

The findings come weeks after ESET found that secondhand routers previously used in business networking environments harbored sensitive data, including corporate credentials, VPN details, cryptographic keys, and other vital customer information.

“In the wrong hands, the data gleaned from the devices – including customer data, router-to-router authentication keys, application lists, and much more – is enough to launch a cyberattack,” the Slovak cybersecurity firm said.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Initiativesoffinding ~ Future of CIO

Next Post

EV Reach v11 Is Here!

Related Posts

Information Security

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

by admin
May 30, 2023
Information Security

Advice to SMB CEOs from a former CIO

by admin
May 30, 2023
Information Security

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

by admin
May 29, 2023
Information Security

New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets

by admin
May 28, 2023
Information Security

Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data

by admin
May 27, 2023
Next Post

EV Reach v11 Is Here!

Recommended

Illustratereinvention ~ Future of CIO

May 30, 2023

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

May 30, 2023

Advice to SMB CEOs from a former CIO

May 30, 2023

Innovation & Information ~ Future of CIO

May 29, 2023

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

May 29, 2023

Innovativegrowth ~ Future of CIO

May 28, 2023

© CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.