virus logo Intrusion Prevention

MQTT.NanoMQ.Memory.Corruption

description-logoDescription

This indicates an attack attempt to exploit a Memory Corruption vulnerability in NanoMQ.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted MQTT packet. An attacker can exploit this to cause a Denial-of-Service condition and potential Code Execution via a crafted packet.

affected-products-logoAffected Products

NanoMQ prior to 0.4.8

Impact logoImpact

System Compromise: Remote attackers can gain control of the vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version available from the website.
https://github.com/nanomq/nanomq/pull/204/commits/356b1cc2624b8ec2d91a842ad978e4b0c263a404

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-10-19 18.181 Default_action:pass:drop
2021-10-11 18.174
ID 50799
Created Sep 30, 2021
Updated Oct 18, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Linux, Other
Affected App Other