eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.
An error in the ticket/certificate revocation validation mechanism (CWE-298: Improper Validation of Certificate with Host Mismatch, CWE-370: Missing or Incorrect Error Handling for Certificate Revocation) causes revoked permissions or access tokens to not be properly verified. As a result, connections that should be rejected as invalid are accepted by DDS communication nodes. The vulnerability is located in the access control module (Permissions.cpp) of the Fast-DDS library. A remote attacker, without authentication and without user interaction, can exploit this flaw to establish unauthorized connections.
An attacker can establish unauthorized, unsecured connections to systems using Fast-DDS, gaining access to sensitive data transmitted over the DDS network and compromising the integrity of communication between system nodes.
Patches available from the vendor should be applied in accordance with the references. It is recommended to monitor the official eProsima Fast-DDS repository and vendor pages (eprosima.com, fast-dds.com) for current patch information. Until the patch is applied, consider restricting network access to DDS nodes and implementing network segmentation.
eProsima Fast-DDS v3.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:NEprosima Fast Dds
APPEprosima3.3.0
Related vulnerabilities
Heap buffer overflow w eprosima Fast DDS via manipulowany DATA Submessage
eProsima Fast DDS — use-after-free przez nieprawidłowy pakiet DATA_FRAG
eProsima Fast DDS — podatność rozłączenia subskrybentów RTPS w SROS2
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object M...
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object M...