CVE-2021-38445

7.0 HIGH

📋 TL;DR

This vulnerability in OpenDDS allows remote attackers to execute arbitrary code by sending specially crafted data packets that exploit inconsistent length parameter handling. It affects all systems running OpenDDS versions before 3.18.1, particularly in industrial control and embedded systems where OpenDDS is commonly used for data distribution.

💻 Affected Systems

Products:
  • OpenDDS
Versions: All versions prior to 3.18.1
Operating Systems: All platforms running OpenDDS
Default Config Vulnerable: ⚠️ Yes
Notes: Any system using OpenDDS for data distribution services is vulnerable regardless of specific configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with remote code execution leading to data theft, system manipulation, or disruption of critical operations.

🟠

Likely Case

Remote code execution allowing attackers to gain control of affected systems, potentially leading to data exfiltration or service disruption.

🟢

If Mitigated

Limited impact if proper network segmentation and access controls prevent unauthorized access to OpenDDS services.

🌐 Internet-Facing: HIGH - OpenDDS services exposed to the internet can be directly exploited without authentication.
🏢 Internal Only: MEDIUM - Internal exploitation requires network access but could still lead to lateral movement within the network.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting specific malformed packets but does not require authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.18.1

Vendor Advisory: https://opendds.org/

Restart Required: Yes

Instructions:

1. Download OpenDDS version 3.18.1 or later from opendds.org.
2. Replace the existing OpenDDS installation with the patched version.
3. Recompile any applications using OpenDDS.
4. Restart all OpenDDS services and dependent applications.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate OpenDDS services from untrusted networks

Firewall Rules

all

Restrict access to OpenDDS ports (typically 7400-7410). OpenDDS RTPS discovery and data traffic use UDP by default, so a TCP-only rule would not block it; block UDP, and add a matching TCP rule if the TCP transport is configured on those ports. A blanket block also cuts off legitimate DDS peers, so allow-list trusted participant addresses ahead of these rules.

iptables -A INPUT -p udp --dport 7400:7410 -j DROP
iptables -A INPUT -p tcp --dport 7400:7410 -j DROP
netsh advfirewall firewall add rule name="Block OpenDDS UDP" dir=in action=block protocol=UDP localport=7400-7410
netsh advfirewall firewall add rule name="Block OpenDDS TCP" dir=in action=block protocol=TCP localport=7400-7410

🧯 If You Can't Patch

  • Implement strict network access controls to limit which systems can communicate with OpenDDS services
  • Deploy intrusion detection systems to monitor for exploitation attempts and anomalous network traffic

🔍 How to Verify

Check if Vulnerable:

Check OpenDDS version: grep -i version /path/to/opendds/config/files or check application documentation

Check Version:

opendds_info --version or check OpenDDS library version in application

Verify Fix Applied:

Confirm OpenDDS version is 3.18.1 or later and verify services are running with updated binaries

📡 Detection & Monitoring

Log Indicators:

  • Unusual process creation from OpenDDS services
  • Memory access violations in OpenDDS logs
  • Abnormal termination of OpenDDS processes

Network Indicators:

  • Unusual traffic patterns to OpenDDS ports (7400-7410)
  • Malformed packets targeting OpenDDS services
  • Unexpected connections to/from OpenDDS systems

SIEM Query:

(source="opendds.log" AND (event_type="crash" OR event_type="memory_violation")) OR (dest_port IN (7400, 7401, 7402, 7403, 7404, 7405, 7406, 7407, 7408, 7409, 7410) AND packet_size > threshold)

🔗 References
