CVE-2022-44793
published 2022-11-07CVE-2022-44793: handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote…
PriorityP345medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
EPSS
53.46%
98.9th percentile
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | net-snmp | < net-snmp 5.9.3+dfsg-2 (bookworm) | net-snmp 5.9.3+dfsg-2 (bookworm) |
| msrc | azl3_net-snmp_5.9.4-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_net-snmp_5.9.4-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_net-snmp_5.9-4_on_cbl_mariner_1.0 | — | — |
| net-snmp | net-snmp | >= 0 < 5.9+dfsg-4+deb11u2 | 5.9+dfsg-4+deb11u2 |
| net-snmp | net-snmp | >= 0 < 5.9.3+dfsg-2 | 5.9.3+dfsg-2 |
| net-snmp | net-snmp | >= 0 < 5.9.3+dfsg-2 | 5.9.3+dfsg-2 |
| net-snmp | net-snmp | >= 0 < 5.9.3+dfsg-2 | 5.9.3+dfsg-2 |
| net-snmp | net-snmp | 5.4.3 – 5.9.3 | — |
| paloalto | pan-os | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerable code path is in handle_ipv6IpForwarding within agent/mibgroup/ip-mib/ip_scalars.c — monitor for SNMP agent crashes originating from this function ↗
- →Attack vector is a crafted UDP packet targeting the SNMP agent; monitor for unexpected UDP traffic to SNMP ports (161/UDP) that causes process crashes ↗
- ·Affected versions are Net-SNMP 5.4.3 through 5.9.3; the NULL Pointer Exception is triggered specifically via the IPv6 IP forwarding MIB handler, so deployments with IPv6 SNMP MIB access exposed are at higher risk ↗
- ·Debian fixed this in 5.9.3+dfsg-2 (bookworm/sid/trixie/forky) and 5.9+dfsg-4+deb11u2 (bullseye); ensure patched package versions are deployed ↗
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM
vendor_debian6.5MEDIUM
vendor_msrc6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2010-1622 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2022-22965 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
CISA ICS
Siemens SIMATIC and SIPLUS
cisa_ics·2024-06-13
Siemens SIMATIC and SIPLUS
ICS Advisory
##
Siemens SIMATIC and SIPLUS
Release DateJune 13, 2024
Alert CodeICSA-24-165-10
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC, SIPLUS
- Vulnerabilities: Inadequate Encryption Strength, Improper Restriction of Operations within the Bounds of a Memory Bu
CISA ICS
Siemens SIMATIC MV500
cisa_ics·2023-11-16·CVSS 9.8
[CRITICAL] Siemens SIMATIC MV500
ICS Advisory
##
Siemens SIMATIC MV500
Release DateNovember 16, 2023
Alert CodeICSA-23-320-13
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC MV500
- Vulnerabilities: Classic Buffer Overflow, NULL Pointer Dereference, Improper Authentication, Inefficient Regular Expression Complexity, Excessive Iteration, Out-of-bounds Write
## 2. RISK EVALUATION
Succe
Ubuntu
Net-SNMP vulnerabilities
vendor_ubuntu·2023-01-16
CVE-2022-24805 Net-SNMP vulnerabilities
Title: Net-SNMP vulnerabilities
Summary: Several security issues were fixed in Net-SNMP.
USN-5795-1 and 5543-1 fixed several vulnerabilities in Net-SNMP. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Net-SNMP incorrectly handled certain requests. A
remote attacker could possibly use these issues to cause Net-SNMP to crash,
resulting in a denial of service.
Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled
memory operations when processing certain requests. A remote attacker could
use this issue to cause Net-SNMP to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary chan
Ubuntu
Net-SNMP vulnerabilities
vendor_ubuntu·2023-01-09
CVE-2022-44792 Net-SNMP vulnerabilities
Title: Net-SNMP vulnerabilities
Summary: Net-SNMP could be made to crash if it received specially crafted network
traffic.
It was discovered that Net-SNMP incorrectly handled certain requests. A
remote attacker could possibly use these issues to cause Net-SNMP to crash,
resulting in a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Microsoft
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via
vendor_msrc·2022-11-08·CVSS 6.5
CVE-2022-44793 [MEDIUM] CWE-476 handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet resulting in Denial of Service.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to a
Red Hat
net-snmp: NULL Pointer Exception when handling pv6IpForwarding
vendor_redhat·2022-11-07·CVSS 6.5
CVE-2022-44793 [MEDIUM] CWE-476 net-snmp: NULL Pointer Exception when handling pv6IpForwarding
net-snmp: NULL Pointer Exception when handling pv6IpForwarding
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
A flaw was found in Net-SNMP. This issue occurs because the handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP has a NULL Pointer Exception that could allow a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in a denial of service.
Package: net-snmp (Red Hat Enterprise Linux 6) - Out of support scope
Package: net-snmp (Red Hat Enterprise Linux 7) - Out of support scope
Debian
CVE-2022-44793: net-snmp - handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 ...
vendor_debian·2022·CVSS 6.5
CVE-2022-44793 [MEDIUM] CVE-2022-44793: net-snmp - handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 ...
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Scope: local
bookworm: resolved (fixed in 5.9.3+dfsg-2)
bullseye: resolved (fixed in 5.9+dfsg-4+deb11u2)
forky: resolved (fixed in 5.9.3+dfsg-2)
sid: resolved (fixed in 5.9.3+dfsg-2)
trixie: resolved (fixed in 5.9.3+dfsg-2)
OSV
CVE-2022-44793: handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars
osv·2022-11-07·CVSS 6.5
CVE-2022-44793 [MEDIUM] CVE-2022-44793: handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
GHSA
GHSA-gg4c-vq6j-h4hr: handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars
ghsa_unreviewed·2022-11-07
CVE-2022-44793 [MEDIUM] CWE-476 GHSA-gg4c-vq6j-h4hr: handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202fhttps://github.com/net-snmp/net-snmp/issues/475https://lists.debian.org/debian-lts-announce/2023/01/msg00010.htmlhttps://security.netapp.com/advisory/ntap-20230223-0011/https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202fhttps://github.com/net-snmp/net-snmp/issues/475https://lists.debian.org/debian-lts-announce/2023/01/msg00010.htmlhttps://security.netapp.com/advisory/ntap-20230223-0011/
2022-11-07
Published