Uncaught fastcdr exception (Unexpected CDR type received) crashing fastdds
CVE-2023-39948
7.5HIGH
What is CVE-2023-39948?
The Fast DDS application, implemented by eprosima, is susceptible to an issue where the BadParamException is not properly handled, enabling a potential attacker to remotely crash any Fast DDS process. This vulnerability affects all versions before 2.10.0 and 2.6.5, which contain patches to remediate the problem. Effective handling of exceptions is crucial in maintaining the stability and security of distributed systems.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Fast-DDS < 2.6.5 < 2.6.5
Fast-DDS >= 2.7.0, < 2.10.0 < 2.7.0, 2.10.0
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved