CVE-2021-43547 in CoreDX DDS
Summary
by MITRE • 05/05/2022
TwinOaks Computing CoreDX DDS versions prior to 5.9.1 are susceptible to exploitation when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 06/26/2026
The vulnerability in TwinOaks Computing CoreDX DDS versions prior to 5.9.1 represents a critical security flaw that enables remote attackers to exploit the distributed data sharing protocol through crafted network packets. This issue falls under the category of denial-of-service attacks as defined by CWE-400, where malicious actors can flood target systems with excessive traffic, causing legitimate users to lose access to services. The vulnerability specifically affects the DDS (Data Distribution Service) implementation within CoreDX software, which is widely used in real-time systems for reliable message passing between applications.
The technical flaw manifests when an attacker crafts specially formatted packets that trigger buffer overflow conditions or memory exhaustion within the DDS component. This occurs due to insufficient input validation and inadequate traffic management mechanisms in the protocol stack. The vulnerability creates a condition where legitimate network traffic becomes overwhelmed by malicious packets, leading to system resource exhaustion and ultimately rendering the device unavailable to authorized users. According to ATT&CK framework, this represents a network denial-of-service technique that can be classified under T1498, specifically targeting network infrastructure and services.
The operational impact of this vulnerability extends beyond simple service disruption, as it also exposes sensitive information through the flooding mechanism. When systems become overwhelmed with malicious traffic, they may inadvertently reveal internal state information or configuration details to attackers who monitor the network. This information exposure aspect aligns with CWE-200, which covers insufficient logging and monitoring that can lead to data leakage during security incidents. The affected environment typically includes industrial control systems, automotive networks, aerospace applications, and other real-time distributed computing environments where CoreDX DDS is deployed.
Organizations utilizing affected versions of CoreDX DDS should prioritize immediate patching to version 5.9.1 or later, which incorporates proper input validation and traffic throttling mechanisms. Network segmentation and access controls should be implemented to limit exposure, while monitoring systems should be configured to detect unusual traffic patterns that may indicate exploitation attempts. The mitigation strategy should include regular security assessments of distributed systems and implementation of intrusion detection systems specifically designed to identify DDS protocol anomalies. Additionally, organizations should conduct vulnerability scans using tools that can detect the specific patterns associated with this vulnerability, ensuring comprehensive protection against both current and potential future exploits targeting similar protocol implementations.