CVE-2025-29311
Published: 24 March 2025
Description
Adversaries may use brute force techniques to gain access to accounts when passwords are unknown or when password hashes are obtained.
Security Summary
CVE-2025-29311 is a vulnerability in ONOS version 2.7.0, stemming from a limited secret space in LLDP packets that allows attackers to recover the private key via brute-force attacks. This issue, classified under CWE-331 (Insufficient Entropy), carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), highlighting its high confidentiality impact due to network-based exploitation without authentication or user interaction.
Unauthenticated remote attackers can exploit this vulnerability by sending crafted LLDP packets to brute-force the constrained secret space, enabling recovery of the private key. With the key obtained, attackers can generate additional malicious LLDP packets, potentially compromising sensitive network discovery and configuration data processed by the affected ONOS instance.
For mitigation guidance, refer to the advisory at https://gist.github.com/Saber-Berserker/790f2a75ae482df3fd0fce569f30504a.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability allows unauthenticated remote attackers to send crafted LLDP packets and recover the private key by brute force because of insufficient entropy. This directly enables T1190 (Exploit Public-Facing Application) for the remote exploit and T1110 (Brute Force) for the key recovery attack. The recovered key then facilitates malicious packet generation that impacts network data.