Specialists from a pentesting course revealed the discovery of three vulnerabilities in Wireshark, the popular protocol analyzer used to troubleshoot communications networks. According to the report, flaws could lead to denial-of-service attacks.
Below are brief descriptions of reported flaws, in addition to their respective identification and score keys according to the Common Vulnerability Scoring System (CVSS).
CVE-2020-25863: Insufficient validation of user-provided entries within the Multipart MIME dissector would allow threat actors to send an entry specially designed to perform a denial of service (DoS) attack.
The vulnerability received a score of 6.5/10, mentioned by experts from the pentesting course.
CVE-2020-25862: This flaw exists due to insufficient validation of user input on Wireshark TCP dissector, which would allow remote malicious hackers to pass a specially designed entry to a vulnerable version of the application and deploy a DoS attack.
According to the report, this flaw received a score of 6.5/10.
CVE-2020-25866: This flaw exists due to inadequate validation of user inputs on the BLIP dissector of the affected application.
A remote threat actor could pass an entry specially designed to deploy a DoS attack, mentioned by the pentesting course experts.
Below are the versions of Wireshark affected by the flaws: 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12, 2.6.13, 2.6.14, 2.6.15, 2.6.16, 2.6.17, 2.6.18, 2.6.19, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.10, 3.0.8, 3.0.9, 3.0.10, 3.0.10 3.0.11, 3.0.12, 3.0.13, 3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6.
Flaws can be exploited by unauthenticated threat actors and, while no active exploit attempts have been detected, experts recommend installing security patches as soon as possible.