CVE-2023-28455
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-28455 is a high-severity vulnerability affecting Technitium DNS resolver software versions up to 11.0.2, allowing attackers to exploit the forwarding mode to create query loops that can lead to amplification attacks and potential denial of service (DoS). The exploit requires no user interaction or privileges, making it accessible via network vectors with low complexity. Organizations using the affected products should remediate the issue by updating to the latest version of Technitium DNS resolver, as failure to do so may result in substantial availability impacts. The CVSS base score for this vulnerability is 7.5, indicating significant risk. For more detailed information, users can refer to resources provided by Technitium and relevant security advisories.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.