Security News > 2021 > April > How the NAME:WRECK Bugs Impact Consumers, Businesses

Researchers estimate more than 100 million internet-connected devices are vulnerable to a class of flaws dubbed NAME:WRECK. Devices ranging from smartphones, aircraft navigation systems and industrial internet of things endpoints are vulnerable to either a denial-of-service or remote code-execution attack, according to a joint report by Forescout Research Labs and JSOF Research Labs.

NAME:WRECK is similar to previous TCP/IP-DNS bugs that illustrate the complexity of the DNS protocol "That tends to yield vulnerable implementations," where bugs can often be leveraged by external attackers to take control of millions of devices simultaneously, researchers said.

One of the class of NAME:WRECK bugs are identified as DNS compression issues, impacting a wide range of devices that compress data used to communicate over the internet using TCP/IP. "With the first vulnerability, CVE-2020-27009, the attacker can craft a DNS response packet with a combination of invalid compression pointer offsets that allows them to write arbitrary data into sensitive parts of a device's memory, where they will then inject the code," researchers wrote.

CVE-2020-15795: A domain name label-parsing bug impacting devices running Nucleus NET and can lead to RCE;.

CVE-2020-27736: A VDomain name label-parsing bug impacting devices running Nucleus NET and can lead to DoS;.

CVE-2020-27737: A VDomain name label-parsing bug impacting devices running Nucleus NET and can lead to DoS;.

News URL

https://threatpost.com/namewreck-bugs-businesses/165385/