Name of the Vulnerable Software and Affected Versions ViPNet Coordinator HW 4 and ViPNet Coordinator KB 4 (affected versions not specified)

Description The issue is related to insufficient input validation in the ViPNet Coordinator systems. An attacker can exploit this by causing network resource exhaustion, leading to a reboot of the ViPNet Coordinator by its built-in fail-safe system. This can be achieved through a combination of remote attacks using fragmented packets, including ip fragment overlapped (where each packet is duplicated) and ip fragmentation buffer overflow (incomplete fragmentation).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.