Denial of Service Vulnerability in FRRouting and Pica8 PICOS via Crafted BGP Update

Denial of Service Vulnerability in FRRouting and Pica8 PICOS via Crafted BGP Update

CVE-2023-38802 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).

Learn more about our Web Application Penetration Testing UK.