Summary: MatrixSSL is prone to a remote code execution vulnerability.
Detection Method: Checks if a vulnerable version is present on the target host.
Technical Details: The DTLS server mishandles incoming network messages leading to a heap-based
buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c.
During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS
Affected Versions: MatrixSSL version 4.2.1 and prior.
Recommendations: No known solution is available as of 05th August, 2019.
Information regarding this issue will be updated once solution details are available.
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition