CVE-2022-44792
published 2022-11-07CVE-2022-44792: handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker…
PriorityP346medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
EPSS
52.05%
98.8th percentile
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | net-snmp | < net-snmp 5.9.3+dfsg-2 (bookworm) | net-snmp 5.9.3+dfsg-2 (bookworm) |
| msrc | azl3_net-snmp_5.9.4-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_net-snmp_5.9.4-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_net-snmp_5.9-4_on_cbl_mariner_1.0 | — | — |
| net-snmp | net-snmp | >= 0 < 5.9+dfsg-4+deb11u2 | 5.9+dfsg-4+deb11u2 |
| net-snmp | net-snmp | >= 0 < 5.9.3+dfsg-2 | 5.9.3+dfsg-2 |
| net-snmp | net-snmp | >= 0 < 5.9.3+dfsg-2 | 5.9.3+dfsg-2 |
| net-snmp | net-snmp | >= 0 < 5.9.3+dfsg-2 | 5.9.3+dfsg-2 |
| net-snmp | net-snmp | 5.8 – 5.9.3 | — |
| paloalto | pan-os | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability is triggered via a crafted UDP packet sent to a Net-SNMP agent with write access; monitor for unexpected SNMP SET requests targeting ipDefaultTTL (OID in ip-mib) that may cause agent crashes. ↗
- →Focus detection on SNMP write-access attempts (SNMP SET operations) over UDP from remote/untrusted sources targeting Net-SNMP instances running versions 5.8 through 5.9.3. ↗
- ·Only Net-SNMP versions 5.8 through 5.9.3 are affected; Red Hat Enterprise Linux 6 and 7 ship versions that are NOT affected. ↗
- ·The attacker must already have SNMP write access to exploit this vulnerability; deployments that restrict SNMP community strings or use SNMPv3 with strong authentication reduce exposure. ↗
- ·Debian fixed the issue in specific package versions per release: bookworm/forky/sid/trixie fixed in 5.9.3+dfsg-2; bullseye fixed in 5.9+dfsg-4+deb11u2. ↗
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_msrc6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2010-1622 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2022-22965 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
CISA ICS
Siemens SIMATIC and SIPLUS
cisa_ics·2024-06-13
Siemens SIMATIC and SIPLUS
ICS Advisory
##
Siemens SIMATIC and SIPLUS
Release DateJune 13, 2024
Alert CodeICSA-24-165-10
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC, SIPLUS
- Vulnerabilities: Inadequate Encryption Strength, Improper Restriction of Operations within the Bounds of a Memory Bu
CISA ICS
Siemens SIMATIC MV500
cisa_ics·2023-11-16·CVSS 9.8
[CRITICAL] Siemens SIMATIC MV500
ICS Advisory
##
Siemens SIMATIC MV500
Release DateNovember 16, 2023
Alert CodeICSA-23-320-13
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC MV500
- Vulnerabilities: Classic Buffer Overflow, NULL Pointer Dereference, Improper Authentication, Inefficient Regular Expression Complexity, Excessive Iteration, Out-of-bounds Write
## 2. RISK EVALUATION
Succe
Ubuntu
Net-SNMP vulnerabilities
vendor_ubuntu·2023-01-16
CVE-2022-24805 Net-SNMP vulnerabilities
Title: Net-SNMP vulnerabilities
Summary: Several security issues were fixed in Net-SNMP.
USN-5795-1 and 5543-1 fixed several vulnerabilities in Net-SNMP. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Net-SNMP incorrectly handled certain requests. A
remote attacker could possibly use these issues to cause Net-SNMP to crash,
resulting in a denial of service.
Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled
memory operations when processing certain requests. A remote attacker could
use this issue to cause Net-SNMP to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary chan
Ubuntu
Net-SNMP vulnerabilities
vendor_ubuntu·2023-01-09
CVE-2022-44792 Net-SNMP vulnerabilities
Title: Net-SNMP vulnerabilities
Summary: Net-SNMP could be made to crash if it received specially crafted network
traffic.
It was discovered that Net-SNMP incorrectly handled certain requests. A
remote attacker could possibly use these issues to cause Net-SNMP to crash,
resulting in a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Microsoft
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the insta
vendor_msrc·2022-11-08·CVSS 6.5
CVE-2022-44792 [MEDIUM] CWE-476 handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the insta
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet resulting in Denial of Service.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more informatio
Red Hat
net-snmp: NULL Pointer Exception when handling ipDefaultTTL
vendor_redhat·2022-11-07·CVSS 6.5
CVE-2022-44792 [MEDIUM] CWE-476 net-snmp: NULL Pointer Exception when handling ipDefaultTTL
net-snmp: NULL Pointer Exception when handling ipDefaultTTL
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
A vulnerability was found in Net-SNMP. This issue occurs because the handle_ipDefaultTTL function in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP has a NULL Pointer Exception flaw that allows a remote attacker (who has to write access) to cause the instance to crash via a crafted UDP packet, resulting in a denial of service.
Package: net-snmp (Red Hat Enterprise Linux 6) - Not affected
Package: net-snmp (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2022-44792: net-snmp - handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 throug...
vendor_debian·2022·CVSS 6.5
CVE-2022-44792 [MEDIUM] CVE-2022-44792: net-snmp - handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 throug...
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Scope: local
bookworm: resolved (fixed in 5.9.3+dfsg-2)
bullseye: resolved (fixed in 5.9+dfsg-4+deb11u2)
forky: resolved (fixed in 5.9.3+dfsg-2)
sid: resolved (fixed in 5.9.3+dfsg-2)
trixie: resolved (fixed in 5.9.3+dfsg-2)
GHSA
GHSA-pccv-xjc7-m5qv: handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars
ghsa_unreviewed·2022-11-07
CVE-2022-44792 [MEDIUM] CWE-476 GHSA-pccv-xjc7-m5qv: handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
OSV
CVE-2022-44792: handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars
osv·2022-11-07·CVSS 6.5
CVE-2022-44792 [MEDIUM] CVE-2022-44792: handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://gist.github.com/menglong2234/b7bc13ae1a144f47cc3c95a7ea062428https://github.com/net-snmp/net-snmp/issues/474https://lists.debian.org/debian-lts-announce/2023/01/msg00010.htmlhttps://security.netapp.com/advisory/ntap-20230223-0011/https://gist.github.com/menglong2234/b7bc13ae1a144f47cc3c95a7ea062428https://github.com/net-snmp/net-snmp/issues/474https://lists.debian.org/debian-lts-announce/2023/01/msg00010.htmlhttps://security.netapp.com/advisory/ntap-20230223-0011/
2022-11-07
Published