What is it?
Trivial File Transfer Protocol (TFTP) can operate in very little memory so it is sometimes used by a desktop computer to update the firmware on a router. TFTP uses port 69. TFTP is rarely used for Internet file transfers.
Wikipedia (link below) does a good job of explaining TFTP.
Why is it a risk?
As its name implies, TFTP is a very simple tool for transferring files between two devices on a network.
TFTP does not have built-in encryption, access control or authentication. This makes it very easy for an attacker to trick TFTP into giving access to files.
A Denial of Service attack (DoS) is when an attacker attempts to overwhelm a victim’s server.
A Distributed Denial of Service (DDoS) attack is when the attacker uses many unwitting accomplice computers to attack their victim. By orchestrating the actions of many computers, it is easier for the attacker to overwhelm their victim.
A server with a publicly accessible port (like the one described in this alert) can be turned into such an accomplice.
How can you mitigate the risk?
Ideally, you could disable TFTP entirely but that might make it difficult or impossible for you to update your router firmware.
There are very few use-cases where TFTP traffic should be allowed to or from the Internet to your local area network so mitigating this vulnerability is straight-forward: write firewall rules that disallow in or outbound traffic on port 69.
Resources:
Wikipedia Trvial File Transfer Protocol
https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
