FiveM Security Advisory – 2018-12-13 – FiveM Announcements

A vulnerability in the FiveM FXServer resource handling code could allow a remote attacker to cause a C++ exception, resulting in a denial of service (DoS) condition.

This vulnerability is caused by a off-by-one error in network packet parsing, and can be triggered by sending specially crafted UDP packets to an existing FiveM game connection.

We have addressed this vulnerability in server releases starting at build 923. You can tell what version you’re running by either:

  • Accessing https://host:port/info.json and checking the server field.
  • Running the version command in the server (remote) console.

We are currently aware of attackers using this vulnerability in the wild, so it is strongly recommended to upgrade your server instances to this version or higher (if available).

CVSS score: 6.5 (Medium)

16 Likes

Original source: https://forum.cfx.re/t/fivem-security-advisory-2018-12-13/203209

User Avatar
Author:
I am an author on Gameblog24! Your favorite one, probably, huh? My games: I love the GTA-series, Minecraft and other small games like Among Us or Overwatch!

Leave a Reply

Your email address will not be published.

Subscribe to Newsletter

Give us a call or fill in the form below and we will contact you. We endeavor to answer all inquiries within 24 hours on business days.