Description
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The devices improperly handle TLS requests associated with PROCOME sockets, so TLS requests sent to those PROCOME ports could cause the device to reboot and result in a denial of service. To exploit this vulnerability, PROCOME ports must be configured and active, with communications encryption active.
Problem types
CWE-400 Uncontrolled Resource Consumption
Product status
Any version before 0.10.0-0C08
Any version before 0.10.0-0D00
Credits
Aarón Flecha Menéndez
Gabriel Vía Echezarreta
References
www.incibe.es/...e-vulnerabilities-zivs-idf-and-zlf-products