Security News > 2021 > April > New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices

New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices
2021-04-13 05:24

Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system.

"These vulnerabilities relate to Domain Name System implementations, causing either Denial of Service or Remote Code Execution, allowing attackers to take target devices offline or to take control over them," the researchers said.

The name comes from the fact that parsing of domain names can break DNS implementations in TCP/IP stacks, adding to a recent uptick in vulnerabilities such as SigRed, SAD DNS, and DNSpooq that leverage the "Phonebook of the internet" as an attack vector.

As with the previous flaws, there are several hurdles to applying the fixes, what with the lack of information regarding the TCP/IP stack that runs on a device, the difficulty in delivering patches because the devices are not centrally managed, or they cannot be taken offline due to their central role in mission-critical processes like healthcare and industrial control systems.

Even worse, in some cases, it may never be feasible to push a patch, as a result of which many of the impacted devices will most likely remain exposed to attacks for years to come or until they are decommissioned.

For a start, Forescout has released an open-source script to detect devices running the affected stacks.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/XIF1NSjySrQ/new-namewreck-vulnerabilities-impact.html