IP stack could lead to real-world damage

2021-11-10 13:03

Researchers have unearthed 13 vulnerabilities affecting the Nucleus NET TCP/IP stack and have demonstrated how attackers could exploit them to cause serious real-world damage.

The bad new is that it may take a while for these patches to be propagated downstream, i.e., for the patched Nucleus NET versions to be included in the various devices that use it.

About Nucleus NET. "Nucleus NET is the TCP/IP stack of the Nucleus Real-time Operating System. The stack and the RTOS were originally developed by Accelerated Technology, Inc. in 1993, then acquired by Mentor Graphics in 2002 and finally by Siemens in 2017," Forescout and Mediagate Labs researchers explained.

The RTOS is apparently in use in more than 3 billion devices, most of which are device components, but they are also used in medical devices, building automation systems, IT and critical systems.

The thirteen vulnerabilities discovered by the researchers in the Nucleus NET TCP/IP stack run the impact gamut from information leak and DoS to remote code execution.

A Shodan search has revealed 1,169 devices running the Nucleus FTP and 1,090 ones running Nucleus RTOS. Queries to the Forescout Device Cloud have revealed close to 5,500 devices from 16 vendors in place at 127 customers.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/vJKBJAVnLY8/

#vulnerabilities