Security News > 2021 > April > At Least 100 Million Devices Affected by "NAME:WRECK" DNS Flaws in TCP/IP Stacks

Popular TCP/IP stacks are affected by a series of Domain Name System vulnerabilities that could be exploited to take control of impacted devices, researchers with IoT security firm Forescout reveal.

Collectively called NAME:WRECK and identified in the DNS implementations of FreeBSD, Nucleus NET, IPnet, and NetX, the flaws could also be abused to perform denial of service attacks, to execute code remotely, or take devices offline.

The bugs were identified as part of Project Memoria, a research initiative aimed at improving the overall security of IoT devices and which has already resulted in the finding of more than 40 issues in popular TCP/IP stacks, critical components providing basic network connectivity for a wide range of devices.

The researchers point out that, should only 1% of these devices be vulnerable, their number would still be above 100 million.

The DNS message parsing in Nucleus NET is affected by multiple flaws that could be abused to perform a remote code execution attack, namely CVE-2020-27736, CVE-2020-27738, CVE-2020-15795 and CVE-2020-27009.

Overall, roughly 10 billion devices might be affected: over 3 billion devices are powered by Nucleus RTOS, which runs the Nucleus TCP/IP stack; ThreadX RTOS, which usually runs the NetX stack, had 6.2 billion deployments in 2017; while FreeBSD runs on devices found in millions of networks.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/aqb_AZ2Zjv4/least-100-million-devices-affected-namewreck-dns-flaws-tcpip-stacks