CRITICAL🇵🇱 Wersja polska

CVE-2025-29310

CVSS 9.8v3.1pub. 2025-03-24upd. 2025-04-01

An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when supplying a crafted LLDP packet. This vulnerability allows attackers to execute arbitrary commands or access network information.

🤖 AI Analysis
How it works

An attacker sends a specially crafted LLDP (Link Layer Discovery Protocol) packet to the ONOS system. During packet processing, unsafe deserialization of data occurs (CWE-502), meaning untrusted input data is deserialized without proper validation. As a result, an attacker can smuggle a malicious payload that will be executed on the server side.

Impact

An attacker can remotely execute arbitrary system commands on the ONOS server (RCE) and gain access to sensitive network information. Due to the network vector and lack of authentication requirements, the impact of compromise could include full control over the SDN controller.

Mitigation & patch

Apply patches available from the vendor according to the references. Until patches are applied, it is recommended to restrict network access to interfaces processing LLDP packets and monitor traffic for anomalous LLDP packets.

Who is affected

ONOS (Open Network Operating System) version 2.7.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Opennetworking Onos

    APP
    Opennetworking
    2.7.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Deserialization
CWE
References

Related vulnerabilities

CVE-2023-41591CRITICAL9.8PL ✓ten sam produkt

ONOS v2.7.0 — fałszowanie adresów IP/MAC umożliwiające atak man-in-the-middle

CVE-2025-29312CRITICAL9.1PL ✓ten sam produkt

ONOS v2.7.0 – manipulacja typem łącza powoduje nieoczekiwane zachowanie urządzeń sieciowych

CVE-2022-29604CRITICAL9.8ten sam produkt

An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT sta...

CVE-2022-29606CRITICAL9.8ten sam produkt

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is mi...

CVE-2025-29311HIGH7.5ten sam produkt

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a brut...