
CVE-2023-38802: High Vulnerability in FRRouting and Pica8 PICOS

A high-severity vulnerability in FRRouting and Pica8 PICOS could allow remote attackers to cause a denial of service. Immediate action is required to mitigate potential impacts on network availability.

HIGH · CVSS 7.5 · Published August 29, 2023


CVE-2023-38802 is a high-severity vulnerability affecting FRRouting versions 7.5.1 through 9.0 and Pica8 PICOS version 4.3.3.2. The vulnerability allows a remote attacker to cause a denial of service (DoS) by sending a crafted BGP update containing a corrupted attribute 23, also known as Tunnel Encapsulation. This issue highlights a significant risk to network availability, as a successful attack can disrupt network operations.

With a CVSS base score of 7.5, the vulnerability is categorized as high severity. Organizations utilizing affected versions of FRRouting or Pica8 PICOS should recognize the potential for significant operational impact. The ease of exploitation, with a low attack complexity and no privileges or user interaction required, increases the urgency for organizations to address this vulnerability.

Organizations should prioritize patching immediately to mitigate the risk associated with CVE-2023-38802. The availability impact is rated as high, indicating that successful exploitation could lead to substantial disruptions in service.

The vulnerability was published on August 29, 2023, and is part of a broader trend of increasing vulnerabilities in network protocols. Security teams should assess their exposure to this vulnerability and implement necessary mitigations promptly.

Vulnerability Details

The official description states that this vulnerability allows a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). The vulnerability falls under the CWE-354 category, which pertains to the improper validation of a message with a given length. This issue is present in FRRouting versions 7.5.1 to 9.0 and Pica8 PICOS version 4.3.3.2.

The CVSS score of 7.5 signifies high severity, indicating that exploitation could lead to serious consequences for the availability of affected systems. The potential impact on service availability necessitates immediate attention from organizations utilizing these products.

This vulnerability is particularly concerning due to its nature as a remote denial of service vulnerability. Given the broad deployment of FRRouting and Pica8 devices, the blast radius for potential exploitation could be significant.

Technical Analysis

The root cause of this vulnerability is the failure to properly validate BGP update messages. Attackers may leverage this oversight to craft malicious BGP updates that contain corrupted tunnel encapsulation attributes, leading to a denial of service condition. The attack vector is network-based, allowing for remote exploitation without requiring physical access to the affected systems.

The attack complexity is low, meaning that even less sophisticated attackers could potentially exploit this vulnerability. Importantly, no privileges are required for exploitation, and user interaction is not necessary, which further simplifies the attack process.

In terms of impact, the availability of the affected systems is significantly compromised, with a high availability impact rating. However, there is no impact on confidentiality or integrity, as the vulnerability does not allow unauthorized access to data or modification of existing data.

Risk & Impact Analysis

The real-world risk associated with CVE-2023-38802 is significant. Organizations utilizing affected FRRouting or Pica8 PICOS versions may face operational downtime due to successful exploitation of this vulnerability. Given that critical infrastructure and services often rely on BGP for routing, the consequences of a denial of service attack can extend beyond individual organizations, potentially impacting internet connectivity on a larger scale.

Organizations should assess their deployment of affected technologies and prioritize patching as a high urgency issue. The CVSS score of 7.5 indicates a high-risk scenario, warranting immediate remediation efforts to prevent exploitation.

The blast radius for this vulnerability is considerable, with a wide range of affected products and configurations. Security teams should implement necessary mitigations and prepare for potential incidents stemming from this vulnerability.

Exploitation Status

Signal | Status
Known Exploit | No
Public PoC | No
Actively Exploited | No
Ransomware Use | No

Affected Versions

The following versions are affected by this vulnerability: FRRouting versions 7.5.1 through 9.0 and Pica8 PICOS version 4.3.3.2. Debian Linux versions 10.0, 11.0, and 12.0 and Fedora versions 37, 38, and 39 are also impacted.

Mitigation & Remediation

Organizations should prioritize applying the latest patches to remediate CVE-2023-38802. If patches are not immediately available, it is advisable to implement temporary workarounds, such as restricting the acceptance of BGP updates or applying strict access controls to affected devices.

For ongoing security, organizations should engage in regular security assessments and consider utilizing penetration testing to identify similar vulnerabilities in their environments.

Detection Guidance

To detect potential exploitation attempts of CVE-2023-38802, organizations should monitor for unusual BGP update messages and check logs for anomalies related to BGP sessions. Additionally, monitoring for sudden spikes in network traffic or system resource usage may indicate an ongoing denial of service attack.
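
One way to turn "monitor for unusual BGP update messages" into a concrete check is a length-consistency audit of attribute 23, shown here as an added example (not code from FRRouting, Pica8 or the original advisory). It assumes the caller has already extracted an UPDATE's path-attribute block from a packet capture and uses the Tunnel Encapsulation TLV layout of RFC 9012 (2-octet tunnel type, 2-octet length); the function names and sample bytes are constructed for illustration.

```python
import struct

TUNNEL_ENCAP = 23   # path attribute type code: Tunnel Encapsulation
EXT_LEN = 0x10      # attribute flag bit: the length field is two octets

def walk_attrs(buf):
    """Yield (type_code, value) per path attribute; ValueError on overrun."""
    off = 0
    while off < len(buf):
        if len(buf) - off < 3:
            raise ValueError("truncated attribute header")
        flags, code = buf[off], buf[off + 1]
        if flags & EXT_LEN:
            if len(buf) - off < 4:
                raise ValueError("truncated extended length")
            (alen,) = struct.unpack_from("!H", buf, off + 2)
            off += 4
        else:
            alen = buf[off + 2]
            off += 3
        if off + alen > len(buf):
            raise ValueError(f"attribute {code} overruns the attribute block")
        yield code, buf[off:off + alen]
        off += alen

def check_tunnel_encap(value):
    """Return problems found in an attribute 23 value (empty list = consistent)."""
    problems, off = [], 0
    while off < len(value):
        if len(value) - off < 4:
            problems.append("truncated tunnel TLV header")
            break
        ttype, tlen = struct.unpack_from("!HH", value, off)
        off += 4
        if off + tlen > len(value):
            problems.append(f"tunnel type {ttype}: length {tlen} exceeds attribute")
            break
        off += tlen
    return problems

def audit_update(path_attrs):
    """Collect attribute 23 findings for one UPDATE's path-attribute block."""
    findings = []
    try:
        for code, value in walk_attrs(path_attrs):
            if code == TUNNEL_ENCAP:
                findings += check_tunnel_encap(value)
    except ValueError as exc:
        findings.append(str(exc))
    return findings

# Constructed samples (not captured traffic): flags 0xC0, type 23, length 8.
GOOD = bytes([0xC0, 23, 8]) + struct.pack("!HH", 8, 4) + b"\x00" * 4
BAD = bytes([0xC0, 23, 8]) + struct.pack("!HH", 8, 64) + b"\x00" * 4
```

A non-empty result from `audit_update` is a signal to correlate with BGP session resets logged around the same time and with the peer that sent the update.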

AppSecure Threat Intelligence Insight

CVE-2023-38802 represents a critical issue in the integrity of BGP implementations in widely used networking products. The current lack of known exploits does not reduce the importance of addressing this vulnerability, as the potential for future exploitation remains high.

Security teams should note the evolving nature of network vulnerabilities, especially those affecting core protocols like BGP. Organizations should stay informed about emerging threats and ensure their defenses are up to date. Engaging in proactive security measures, such as regular assessments and adopting best practices in network security, will help mitigate risks associated with vulnerabilities like CVE-2023-38802.


Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
