A flaw in the network pentesting tool Wireshark allows hackers to remotely launch a Denial of Service (DoS) attack and drive up CPU resource consumption
If you are a hacker or a security researcher, you have probably used Wireshark. Wireshark is the world’s most popular network protocol analyzer. The software is free and open-source. Security researchers have found a new vulnerability in the popular network sniffing tool. This vulnerability has been given the unique identifier CVE-2020-15466 and has a severity score of 5.7/10. The vulnerability could be exploited remotely by potential hackers to make the victim’s PC and CPU consume more resources and launch a denial of service (DoS) attack.
The vulnerability affects Wireshark versions 3.2.0, 3.2.1, 3.2.2, 3.2.3 and 3.2.4. It is caused by an infinite loop within the GVCP dissector and allows remote threat actors to launch DoS attacks. A malicious hacker can pass a specially crafted packet trace file to the vulnerable application, which will then consume all system resources, leading to the DoS condition.
The report says that though this Wireshark vulnerability can be exploited remotely by hackers, they have not found any evidence of it being exploited in the wild. Security researchers have also not found any malware variants authored to take advantage of the GVCP dissector infinite loop in Wireshark.
The Wireshark developers have already fixed the issue and have requested all the Wireshark users to update to the patched Wireshark version 3.2.5 which is available below:
Wireshark developers have noted that there is no workaround for this particular vulnerability, and Wireshark users have to download Wireshark version 3.2.5 to mitigate the risk of exploitation.