CISA warns of SLP vuln that alows DoS attacks
November 2023 by Sylvain Cortes, VP Strategy at Hackuity
The US cybersecurity agency CISA on Wednesday issued a warning on threat actors exploiting a Service Location Protocol (SLP) vulnerability, which was first disclosed in April, that allows for denial-of-service (DoS) attacks with a high amplification factor, of up to an estimated 2000.
Sylvain Cortes, VP Strategy, Hackuity, points out why this should encourage organisations to take the necessary steps to fully secure their environments:
“Now that CISA has issued a warning about this Service Location Protocol (SLP) vulnerability, which enables highly amplified denial-of-service (DoS) attacks, organisations should be more motivated than ever to take the necessary steps to secure their environments.
The fact that multiple vendors are still confirming they’ve been impacted by a vuln known as far back as April seems shocking – that is until you realise just how many tens of thousands of vulnerabilities have been disclosed since then. Enter prioritisation 101: accept that you can’t patch everything, and patch what affects your attack surface.
Vulnerability prioritisation needs to be treated as the holy grail for rapid, effective vulnerability remediation.”