Threat Watch

DNS and TCP/IP Stack Vulnerabilities Affect 100 Million Devices

In a joint effort between researchers at JSOF and Forescout, a group of vulnerabilities has been disclosed affecting DNS in 100 million devices that are based on FreeBSD, Nucleus NET and NetX. This primarily affects Operational Technology (OT) and Internet of Things (IoT) devices. The collection of vulnerabilities is being called NAME: WRECK, and together can be leveraged to take over a machine. Each of these vulnerabilities, according to Forescout, while hypothetical, can allow an attacker to cause significant damage and steal data. The most critical vulnerabilities center around the implementation of message compression, allowing for remote code execution through buffer overflows.

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch

ANALYST NOTES

While patches for FreeBSD, Nucleus NET, and NetX are all currently available, it will be up to vendors to deliver these patches on time to devices. Vulnerabilities found in operating systems such as FreeBSD can be challenging to patch due to the high number of embedded devices that rely on the OS’s derivatives. Currently, there is no known proof-of-concept available, but in time there will likely be a POC that can lower the bar for attackers to leverage these vulnerabilities.

Reference:
https://www.bleepingcomputer.com/news/security/name-wreck-dns-vulnerabilities-affect-over-100-million-devices/

https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/

Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support