CVE-2024-32385

Cybersicherheitsschild. Konzept für Cyberbedrohungen

Information Disclosure via mDNS in KerOS 4.3.3 and Below

Information Disclosure via mDNS in KerOS 4.3.3 and Below

Information Disclosure via mDNS in KerOS 4.3.3 and Below

CVE ID
CVE-2024-32385
CVE Link
https://nvd.nist.gov/vuln/detail/CVE-2024-32385
Vendor
Kerlink
Affected Product & Version
KerOS ≤ 4.3.3
Vulnerability Type
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS Base Score / CVSS Vector

NVD: Awaiting analysis

BDO: 4.3 Medium / CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Author
Martin Weißbach
Date
2026-05-27

CVE Details

Description:

KerOS 4.3.3 and below exposes device-specific information via mDNS that may allow an unauthenticated attacker on the local network to gain privileged access to management services, including SNMP.

Remediation:

KerOS4 and KerOS5 should no longer be used, as they are considered end of life. Instead, the most recent version of KerOS 6 should be used.

References:


Timeline

2024-03-19: Vulnerability reported to Kerlink

2024-03-23: Kerlink informed us that the issues were under analysis

2024-03-29: Vendor confirmed the vulnerabilities and provided an update on the current status of the analysis, including potential fixes

2024-04-08: We provided feedback on the fixes

2024-04-28: Vendor provided an update on the status of the fixes

2024-06-11: We reported additional vulnerabilities; ongoing communication regarding these issues

2025-08-05: We informed Kerlink of our intention to release the CVEs

2025-09-06: Vendor informed us that KerOS4 is EOL, KerOS will only be maintained for critical vulnerabilities tills end of 2025 and that this vulnerability does not affect KerOS6

2026-04-01: Coordinated public disclosure of this CVE was agreed upon with the vendor

2026-05-27: CVE published