Risky Bulletin Newsletter
April 26, 2023
Risky Biz News: SLP protocol can be abused for large-scale DDoS attacks with huge 2,200x amp factor
Presented by

News Editor
The vulnerability—tracked as CVE-2023-29552—allows an attacker to send a small request to an SLP server that is then bounced toward a victim's network at a much larger size.
This trick is used by threat actors to execute "reflected DDoS attacks," and in the case of SLP, researchers say the protocol's amplification factor is a whopping 2200x, which ranks SLP as the protocol with the third largest amplification factor ever observed.
Because of the protocol's huge output potential for DDoS attacks, both Cloudflare and Netscout expect " the prevalence of SLP-based DDoS attacks to rise significantly in the coming weeks" as threat actors learn to exploit it.