CVE-2024-45163

The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Unauthenticated sessions remain open, causing resource consumption. For example, an attacker can send a recognized username (such as root), or can send arbitrary data.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cypressthatkid.medium.com/remote-dos-exploit-found-in-mirai-botnet-source-code-27a1aad284f1
https://pastebin.com/6tqHnCva
https://youtu.be/aJkvSr85ML8

Configurations

No configuration.

History

22 Aug 2024, 15:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.1
CWE		CWE-400

22 Aug 2024, 12:48

Type	Values Removed	Values Added
Summary		(es) Mirai botnet hasta el 19 de agosto de 2024 maneja mal las conexiones TCP simultáneas al servidor CNC (comando y control). Las sesiones no autenticadas permanecen abiertas, lo que provoca un consumo de recursos. Por ejemplo, un atacante puede enviar un nombre de usuario reconocido (como root) o puede enviar datos arbitrarios.

22 Aug 2024, 04:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-22 04:15

Updated : 2024-08-22 15:35

NVD link : CVE-2024-45163

Mitre link : CVE-2024-45163

CVE.ORG link : CVE-2024-45163

JSON object : View

Products Affected

No product.

CWE

CWE-400

Uncontrolled Resource Consumption

9.1 /10