CVE-2023-50257

Name of the Vulnerable Software and Affected Versions eProsima Fast DDS versions prior to 2.13.0 eProsima Fast DDS versions prior to 2.12.2 eProsima Fast DDS versions prior to 2.11.3 eProsima Fast DDS versions prior to 2.10.3 eProsima Fast DDS versions prior to 2.6.7

Description A vulnerability has been discovered in eProsima Fast DDS where a malicious attacker can forcibly disconnect a Subscriber and deny a Subscriber attempting to connect. This is due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted. If the attacker sends the packet for disconnecting, which is data (p[UD]), to the Global Data Space (239.255.0.1:7400) using the said Publisher ID, all the Subscribers (Listeners) connected to the Publisher (Talker) will not receive any data and their connection will be disconnected. Moreover, if this disconnection packet is sent continuously, the Subscribers (Listeners) trying to connect will not be able to do so.

Recommendations For versions prior to 2.13.0, update to version 2.13.0 or later. For versions prior to 2.12.2, update to version 2.12.2 or later. For versions prior to 2.11.3, update to version 2.11.3 or later. For versions prior to 2.10.3, update to version 2.10.3 or later. For versions prior to 2.6.7, update to version 2.6.7 or later. As a temporary workaround, consider restricting access to the Global Data Space (239.255.0.1:7400) to minimize the risk of exploitation. Avoid using the p[UD] data and guid values in the affected API endpoint until the issue is resolved.