CVE-2024-48080
📋 TL;DR
A denial-of-service vulnerability in aedes MQTT broker v0.51.2 allows attackers to crash the service via specially crafted requests. The vulnerability affects systems running the vulnerable version of aedes, though the maintainer claims existing validation prevents exploitation. This primarily impacts IoT and messaging systems using this broker.
💻 Affected Systems
- aedes
⚠️ Manual Verification Required
This CVE record does not include affected-version ranges, so automated vulnerability detection cannot determine from version data alone whether your system is affected.
Why? The CVE database entry does not specify which versions are vulnerable (no version ranges were provided by the vendor or NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete service disruption causing MQTT broker unavailability, affecting all connected IoT devices and applications.
Likely Case
Service crashes requiring manual restart, causing temporary disruption to MQTT communications.
If Mitigated
No impact if the validateTopic function filters malicious requests as the maintainer claims.
🎯 Exploit Status
Maintainer disputes exploitability, claiming existing validation prevents successful exploitation. No public proof-of-concept available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v0.51.3 or later
Vendor Advisory: https://github.com/moscajs/aedes/releases/tag/v0.51.2
Restart Required: Yes
Instructions:
1. Update the aedes package using npm: npm update aedes
2. Verify the installed version is 0.51.3 or higher: npm list aedes
3. Restart the aedes service
🔧 Temporary Workarounds
Downgrade to previous version
Revert to aedes version 0.51.1 or earlier, which is not affected
npm install aedes@0.51.1
🧯 If You Can't Patch
- Implement network-level filtering to block suspicious MQTT traffic patterns
- Monitor service health and implement automatic restart mechanisms for crash recovery
🔍 How to Verify
Check if Vulnerable:
Check package.json or run: npm list aedes | grep aedes
Check Version:
npm list aedes | grep aedes
Verify Fix Applied:
Confirm installed version is 0.51.3 or higher: npm list aedes
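The grep checks above only show the first matching line. The following script is an added example (not part of this advisory or of the aedes project) that walks the JSON dependency tree printed by `npm ls aedes --all --json`, so nested copies pulled in by other packages are reported too, and classifies each one using the version boundaries stated above (0.51.2 affected, 0.51.3 or later fixed, 0.51.1 or earlier unaffected). The embedded tree is a constructed sample, not real project output; in practice you would parse the command's stdout with JSON.parse and pass it to findAedes.

```javascript
// Added example, not part of the advisory or the aedes project.
// Walks an `npm ls --json` dependency tree and classifies every installed
// copy of aedes against the version boundaries stated in the advisory.

const AFFECTED_VERSION = [0, 51, 2]; // the version the advisory names as affected
const FIXED_VERSION = [0, 51, 3];    // first fixed version per the advisory

// Parse "MAJOR.MINOR.PATCH" (optional leading "v", pre-release/build suffix ignored).
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

// Numeric three-part comparison: -1, 0 or 1.
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Status of one installed version, following the advisory's statements.
function classify(version) {
  const v = parseVersion(version);
  if (compareVersions(v, FIXED_VERSION) >= 0) return 'fixed';
  if (compareVersions(v, AFFECTED_VERSION) === 0) return 'vulnerable';
  return 'unaffected'; // 0.51.1 or earlier, per the advisory
}

// Recursively collect every aedes node in an `npm ls --json` tree, keeping the
// dependency path so transitive copies are reported alongside the top-level one.
function findAedes(tree, path = [], out = []) {
  const deps = tree.dependencies || {};
  for (const [name, node] of Object.entries(deps)) {
    const here = [...path, name];
    if (name === 'aedes' && node.version) {
      out.push({ path: here.join(' > '), version: node.version, status: classify(node.version) });
    }
    findAedes(node, here, out);
  }
  return out;
}

// Constructed sample of `npm ls aedes --all --json` output (not real output):
// the app depends on aedes 0.51.2 directly, and a hypothetical helper package
// bundles its own copy at 0.51.3.
const SAMPLE_NPM_LS = {
  name: 'iot-gateway',
  version: '1.0.0',
  dependencies: {
    aedes: { version: '0.51.2' },
    'mqtt-helper': {
      version: '2.0.0',
      dependencies: { aedes: { version: '0.51.3' } },
    },
  },
};

// Print one line per installed copy, e.g. "vulnerable 0.51.2  aedes".
function report(tree) {
  const findings = findAedes(tree);
  for (const f of findings) {
    console.log(`${f.status.padEnd(10)} ${f.version}  ${f.path}`);
  }
  return findings.some((f) => f.status === 'vulnerable');
}

report(SAMPLE_NPM_LS);
```

Running the script prints one line per copy of aedes found; report returns true when any copy is the affected version, which is what a CI gate would key on.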
📡 Detection & Monitoring
Log Indicators:
- Service crashes without clear error
- Unusual MQTT topic patterns in logs
- Repeated broker restarts
Network Indicators:
- Unusual MQTT packet patterns
- Multiple connection attempts with malformed topics
SIEM Query:
source="aedes.log" AND ("crash" OR "restart" OR "unhandled")
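The SIEM query above surfaces individual crash, restart and unhandled-exception lines, but the "repeated broker restarts" indicator needs a count over time. The script below is an added example (not part of this advisory or of aedes) that applies the same keyword match to log lines and then flags a restart storm when three or more restarts fall inside a five-minute window. The log format (ISO timestamp, level, message) and the sample lines are constructed for the example; real aedes and supervisor output will differ and the parser would need adjusting.

```javascript
// Added example, not part of the advisory or of aedes. Log format and sample
// lines are constructed; adjust parseLine for your broker/supervisor output.

// Keyword match mirroring the advisory's SIEM query.
const INDICATOR = /\b(crash(?:ed)?|restart(?:ed|ing)?|unhandled)\b/i;

// Parse "ISO-timestamp LEVEL message"; returns null for lines that do not match.
function parseLine(line) {
  const m = /^(\S+)\s+(\w+)\s+(.*)$/.exec(line);
  if (!m) return null;
  const ts = Date.parse(m[1]);
  if (Number.isNaN(ts)) return null;
  return { ts, level: m[2], msg: m[3] };
}

// First pass: the lines the SIEM query would surface.
function matchIndicators(lines) {
  return lines.map(parseLine).filter((e) => e && INDICATOR.test(e.msg));
}

// Second pass: flag `threshold` or more restart events inside `windowMs`
// (sliding window over restart timestamps sorted ascending).
function detectRestartStorm(events, { windowMs = 5 * 60 * 1000, threshold = 3 } = {}) {
  const restarts = events
    .filter((e) => /restart/i.test(e.msg))
    .map((e) => e.ts)
    .sort((a, b) => a - b);
  let start = 0;
  for (let end = 0; end < restarts.length; end++) {
    while (restarts[end] - restarts[start] > windowMs) start++;
    const count = end - start + 1;
    if (count >= threshold) {
      return { triggered: true, count, firstTs: restarts[start], lastTs: restarts[end] };
    }
  }
  return { triggered: false, count: 0 };
}

// Constructed sample log: one unhandled exception, two crashes and three
// supervisor restarts within a few minutes, plus unrelated client activity.
const SAMPLE_LOG = [
  '2024-10-01T10:00:00Z INFO  aedes broker listening on port 1883',
  '2024-10-01T10:01:12Z ERROR unhandled exception in subscribe handler',
  '2024-10-01T10:01:13Z WARN  process crashed with exit code 1',
  '2024-10-01T10:01:15Z INFO  supervisor restarting aedes',
  '2024-10-01T10:02:40Z INFO  client connected: sensor-17',
  '2024-10-01T10:03:02Z WARN  process crashed with exit code 1',
  '2024-10-01T10:03:04Z INFO  supervisor restarting aedes',
  '2024-10-01T10:04:50Z INFO  supervisor restarting aedes',
  '2024-10-01T10:30:00Z INFO  client connected: sensor-18',
];

// Run both passes and return the matched events plus the storm verdict.
function analyze(lines, opts) {
  const events = matchIndicators(lines);
  return { events, storm: detectRestartStorm(events, opts) };
}

const result = analyze(SAMPLE_LOG);
for (const e of result.events) {
  console.log(`${new Date(e.ts).toISOString()} ${e.level} ${e.msg}`);
}
if (result.storm.triggered) {
  console.log(`ALERT: ${result.storm.count} broker restarts within 5 minutes`);
}
```

The window and threshold are arguments so they can be tuned to the broker's normal deployment cadence; a single restart after a deploy should not page anyone, but several within minutes, with crash or unhandled-exception lines between them, matches the pattern described in the Log Indicators list.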