Researchers at cybersecurity provider Forescout Research Labs and Israeli cybersecurity consultancy JSOF discovered nine new Domain Name System (DNS) vulnerabilities that could imperil more than 100 million connected Internet of Things (IoT) devices, at least a third of them located in the U.K.
Collectively designated NAME:WRECK, the bugs affect four popular Transmission Control Protocol/Internet Protocol (TCP/IP) stacks: FreeBSD, IPnet, Nucleus NET, and NetX.
Malefactors who exploit the vulnerabilities in a denial of service or remote code execution attack could disrupt or hijack targeted networks.
Forescout's Daniel dos Santos said, "Complete protection against NAME:WRECK requires patching devices running the vulnerable versions of the IP stacks, and so we encourage all organizations to make sure they have the most up-to-date patches for any devices running across these affected IP stacks."
From Computer Weekly
No entries found