Researchers at Forescout Vedere Labs have discovered multiple vulnerabilities in the software implementation of the Border Gateway Protocol (BGP) within version 8.4 of FRRouting, a leading open-source implementation of the protocol. These vulnerabilities can be exploited to cause a denial of service (DoS) condition on vulnerable BGP peers, dropping all BGP sessions and routing tables, and rendering the peer unresponsive.

BGP implementations are widely adopted for traffic routing in large data centers, and BGP extensions such as MP-BGP are used for MPLS VPNs. The FRRouting implementation is currently used in the networking solutions of several major vendors, including NVIDIA Cumulus, DENT, and SONiC.

The discovery of these vulnerabilities is part of a broader analysis of seven popular Border Gateway Protocol implementations, including three open-source (FRRouting, BIRD, OpenBGPD) and four closed-source (MikroTik RouterOS, Juniper JunOS, Cisco IOS, Arista EOS) implementations.

The researchers stated, “Attackers may leverage any of the three new vulnerabilities to achieve a DoS on a vulnerable BGP peer, thus dropping all BGP sessions and routing tables and rendering the peer unresponsive for several seconds. The DoS condition may be prolonged indefinitely by repeatedly sending malformed packets.”

The flaws discovered by Forescout include CVE-2022-40302 and CVE-2022-43681, which can be triggered before FRRouting validates BGP Identifier and ASN fields. Although FRRouting only allows connections between configured peers by default, threat actors can spoof a valid IP address of a trusted peer in the attack scenario described in the advisory.