Security News > 2021 > February > Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack

Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices.

The vulnerabilities are due to weak Initial Sequence Number generation, and could be exploited to mount limited DoS attacks against the vulnerable devices, to inject malicious data on a device, or to bypass authentication.

"ISNs ensure that every TCP connection between two devices is unique and that there are no collisions, preventing third parties from interfering with an ongoing connection. To guarantee these properties, ISNs must be randomly generated so that an attacker cannot guess an ISN and hijack an ongoing connection or spoof a new one."

The researchers probed 11 TCP/IP stacks, seven of which are open-source, and the rest include Microchip's MPLAB Net, Texas Instruments' NDKTCPIP, ARM's Nanostack and Siemens' Nucleus NET. They discovered that lwIP and Nanostack were not vulnerable, but the rest were, and that the vulnerabilities allow attackers to predict the ISN of existing TCP connections or new ones.

The bad news is that patching all the affected devices out there - and these include medical devices, wind turbine monitoring systems, remote terminal units and IT storage systems - is unlikely to happen, because embedded devices are notoriously difficult to manage and update as they are often a part of mission-critical infrastructure,.

"For vulnerable IoT and OT devices, use segmentation to minimize their network exposure and the likelihood of compromise without impacting mission-critical functions or business operations. Segmentation and zoning also limit the blast radius and business impact if a vulnerable device becomes compromised," they also recommended.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/K0QSZh0-nzU/