CVE-2015-5621 Raw CVE debrief

Who should care

Organizations running Silex Technology SD-330AC firmware or AMC Manager, and any environment exposing SNMP services that rely on affected net-snmp versions, should treat this as an operational availability risk. OT/ICS teams should pay particular attention because the advisory is published in a CISA ICS context and the stated impact is a crash/denial of service.

Technical summary

The supplied advisory states that in net-snmp 5.7.2 and earlier, snmp_pdu_parse in snmp_api.c can leave a varBind variable in a netsnmp_variable_list item uncleared when SNMP PDU parsing fails. The result is a remote denial of service (crash). The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating a network-reachable, low-complexity, availability-only impact. CISA’s source material associates the issue with Silex Technology SD-330AC <=1.42 and AMC Manager <=5.0.2, but the vendor mapping in the provided metadata is marked low confidence and should be validated against the vendor and JPCERT references.

Defensive priority

High for exposed SNMP services, especially in operational environments where a crash could disrupt monitoring, management, or device availability. Priority increases if the affected products are internet-reachable, broadly deployed, or difficult to patch quickly.

Recommended defensive actions

• Upgrade to SD-330AC firmware Ver. 1.50 or later if you operate the affected Silex device.
• Upgrade AMC Manager to Ver. 5.1.0 or later if you use the affected management software.
• Disable the SNMP service where it is not operationally required, as recommended in the advisory.
• Restrict network access to SNMP-capable management interfaces to trusted hosts only.
• Validate whether your environment uses affected net-snmp versions or the Silex products named in the advisory, because the supplied vendor mapping is low confidence.
• Monitor for service crashes or unexpected restarts on exposed SNMP management components until remediation is complete.

Evidence notes

This debrief is based only on the supplied CISA CSAF source item and its listed references. The source text states that snmp_pdu_parse in snmp_api.c in net-snmp 5.7.2 and earlier fails to remove a varBind variable when parsing fails, enabling a remote denial of service (crash). The same source lists vendor remediations of SD-330AC firmware 1.50+ and AMC Manager 5.1.0+, plus the mitigation to disable SNMP service. The supplied metadata marks the vendor mapping as low confidence, so product attribution should be checked against the upstream vendor and JPCERT references before broad rollout.

Official resources