MQTT.NanoMQ.Memory.Corruption
Description
This indicates an attack attempt to exploit a Memory Corruption vulnerability in NanoMQ.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted MQTT packet. An attacker can exploit this to cause a Denial-of-Service condition and potential Code Execution via a crafted packet.
Affected Products
NanoMQ prior to 0.4.8
Impact
System Compromise: Remote attackers can gain control of the vulnerable systems.
Recommended Actions
Upgrade to the latest version available from the website.
https://github.com/nanomq/nanomq/pull/204/commits/356b1cc2624b8ec2d91a842ad978e4b0c263a404
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |