CVE-2021-43547

7.5 HIGH

📋 TL;DR

CVE-2021-43547 is a vulnerability in TwinOaks Computing CoreDX DDS that allows attackers to send specially crafted packets to flood target devices with unwanted traffic. This can cause denial-of-service conditions and potential information exposure. Organizations using CoreDX DDS versions before 5.9.1 are affected.

💻 Affected Systems

Products:
  • TwinOaks Computing CoreDX DDS
Versions: All versions prior to 5.9.1
Operating Systems: All platforms supported by CoreDX DDS
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all deployments using vulnerable CoreDX DDS versions regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service disruption of affected DDS systems leading to operational downtime, potential information leakage through traffic analysis, and cascading failures in dependent systems.

🟠 Likely Case

Degraded performance or temporary denial-of-service affecting DDS communications, potentially disrupting industrial control systems or IoT networks.

🟢 If Mitigated

Minimal impact with proper network segmentation, rate limiting, and updated software preventing successful exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Attack requires network access to DDS ports but no authentication. Crafting malicious packets is relatively straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.9.1 and later

Vendor Advisory: http://www.twinoakscomputing.com/coredx/download

Restart Required: Yes

Instructions:

1. Download CoreDX DDS version 5.9.1 or later from the TwinOaks Computing website.
2. Replace the existing CoreDX DDS installation with the updated version.
3. Restart all applications and services using CoreDX DDS.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate CoreDX DDS systems from untrusted networks using firewalls or network segmentation.

Rate Limiting

all

Implement network rate limiting on DDS ports to prevent flooding attacks.

🧯 If You Can't Patch

  • Implement strict network access controls to limit DDS traffic to trusted sources only.
  • Deploy intrusion detection/prevention systems to monitor for DDS protocol anomalies and flood patterns.

🔍 How to Verify

Check if Vulnerable:

Check CoreDX DDS version number in application configuration or via vendor-provided version checking tools.

Check Version:

Consult CoreDX DDS documentation for version checking specific to your implementation.

Verify Fix Applied:

Confirm CoreDX DDS version is 5.9.1 or later and monitor for abnormal traffic patterns.

📡 Detection & Monitoring

Log Indicators:

  • Unusually high volume of DDS packets
  • Connection attempts from unexpected sources
  • System performance degradation logs

Network Indicators:

  • Spike in DDS protocol traffic
  • Malformed DDS packets
  • Traffic from unauthorized IP addresses to DDS ports

SIEM Query:

source_port:7400 OR destination_port:7400 | stats count by src_ip, dest_ip | where count > threshold
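
The same check as a stand-alone script, added here as an example (not vendor code and not part of the original page): it counts port-7400 packets per source/destination pair in fixed time windows and also lists sources outside a trusted subnet. The record format, window, threshold and subnet are assumptions to replace with your own.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

DDS_PORT = 7400                         # port named in the SIEM query above
WINDOW_S = 10                           # assumed counting window, seconds
THRESHOLD = 5                           # assumed per-pair limit; tune to your baseline
TRUSTED = [ip_network("10.20.0.0/24")]  # assumed subnet of legitimate DDS peers

# Constructed flow records: "epoch src_ip src_port dst_ip dst_port"
SAMPLE = (
    [f"{1700000000 + i} 203.0.113.7 40000 10.20.0.9 7400" for i in range(8)]
    + [f"{1700000000 + 4 * i} 10.20.0.5 7410 10.20.0.9 7400" for i in range(3)]
    + ["1700000003 10.20.0.5 51000 10.20.0.9 443", "truncated record"]
)

def parse(line):
    """Split one record; raises ValueError on a malformed line or address."""
    ts, src, sport, dst, dport = line.split()
    ip_address(src), ip_address(dst)
    return int(ts), src, int(sport), dst, int(dport)

def analyze(lines, threshold=THRESHOLD, window=WINDOW_S, trusted=TRUSTED):
    """Return (flood pairs, untrusted sources) for traffic on DDS_PORT."""
    counts, untrusted = Counter(), set()
    for line in lines:
        try:
            ts, src, sport, dst, dport = parse(line)
        except ValueError:
            continue                    # skip records that do not parse
        if DDS_PORT not in (sport, dport):
            continue                    # same filter as the query
        counts[(ts // window, src, dst)] += 1
        if dport == DDS_PORT and not any(ip_address(src) in n for n in trusted):
            untrusted.add(src)
    floods = sorted({(s, d) for (_, s, d), n in counts.items() if n > threshold})
    return floods, sorted(untrusted)

if __name__ == "__main__":
    floods, untrusted = analyze(SAMPLE)
    print("pairs over threshold:", floods)
    print("sources outside trusted subnet:", untrusted)
```

Counting per window rather than over the whole log keeps a long-running legitimate peer from tripping the threshold.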
