CVE-2023-32649

Summary

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets.

During the (limited) time window before the IDS module is automatically restarted, network traffic may not be analyzed.

Affected Software

VendorProductVersion RangeStatus
Nozomi NetworksGuardian22.6.0 < 22.6.3affected
Nozomi NetworksGuardian23.0.0 < 23.1.0affected
Nozomi NetworksCMC22.6.0 < 22.6.3affected
Nozomi NetworksCMC23.0.0 < 23.1.0affected

Weaknesses

  • CWE-1286: CWE-1286 Improper Validation of Syntactic Correctness of Input

Workarounds

N/A. It is recommended to monitor the IDS log to check for abnormal stops and restarts.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References