Hello, welcome to the Thursday, November 18th, 2021 edition of the Sansonet Storm Center's

Stormcast. My name is Johannes Ulrich, and the day I'm recording from Fort Walton Beach, Florida.

Researchers from TX1 Trend Micro Cyclone DNS and others have taken a look at the data distribution service

protocol or short DDS. And surprise, surprise they found vulnerabilities in the top six

implementations of this protocol. The total vulnerabilities being made public so far are 12 and some

of them may lead to arbitrary code execution. So first a little bit about DDS. Why is it

important? Well, it's important because it's often used for in and of things and industrial

control systems and number of

large vendors.

For example, Siemens are using this protocol.

The idea of the protocol is that you have a standardized way, how devices are able to send

information about themselves or information that they're collecting

to a network and then other devices are able to request that information.

There are number of options how this can happen, like for example, the data could be

formatted in XML or JSON.

The information exchange could happen over a network using

TCP. It could also happen via UDP or directly in memory. Out of these 12 vulnerabilities,

five are actually related to the XML implementation, including one vulnerability that's related to an unmaintained

XML library used by the particular vendor.

One of the vulnerabilities is also specifically to the standard, so essentially the standard

has to be updated in order to fix that vulnerability.

Since the affected systems here are usually industrial systems, so this is not a home system or

...