CVE-2024-55629
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-55629 affects Suricata, a network Intrusion Detection System and Intrusion Prevention System. This vulnerability, which existed before version 7.0.8, causes Suricata to analyze TCP streams with TCP urgent data differently than the applications at the endpoints. This discrepancy could potentially enable evasions. Suricata's latest version, 7.0.8, provides users with the ability to configure how to handle TCP urgent data. In Intrusion Prevention System mode, users can implement a rule, such as "drop tcp any any -> any any (sid:1; tcp.flags:U*;)", to drop all packets bearing the urgent flag.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.