DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0
CVE-2023-32649

8.2HIGH

Key Information:

Vendor: Nozomi Networks
Status: Guardian; Cmc
Vendor: CVE Published:; 19 September 2023

🔔 Create Nozomi Networks Vulnerability Alert

What is CVE-2023-32649?

A critical security flaw has been discovered in Nozomi Networks Guardian and CMC that allows an unauthenticated attacker to exploit improper input validation within the Asset Intelligence functionality of the Intrusion Detection System (IDS). By sending specially crafted malformed network packets, an attacker could crash the IDS module. This exploitation leads to a temporary disruption in network traffic analysis, as the system may remain non-functional until the module is restarted automatically. Organizations utilizing these products should seek to implement necessary updates and mitigations to safeguard against potential attacks.

Affected Version(s)

CMC 22.6.0 < 22.6.3

CMC 23.0.0 < 23.1.0

Guardian 22.6.0 < 22.6.3

References

https://security.nozominetworks.com/NN-2023:10-01

CVSS V4

Score:

8.2

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2023
Vulnerability Reserved
Jun 12, 2023

Credit

This issue was found by Nozomi Networks during an internal investigation.