• All
  • Cloud
    • Solutions
    • Virtualization
  • Data
    • Analytics
    • Big Data
    • Customer Data Platform
  • Digital
    • Digital Marketing
    • Social Media Marketing
  • Finance
    • Cost Management
    • Risk & Compliance
  • Human Resources
    • HR Solutions
    • Talent Management
  • IT Infra
    • App Management Solutions
    • Best Practices
    • Datacenter Solutions
    • Infra Solutions
    • Networking
    • Storage
    • Unified Communication
  • Mobility
  • Sales & Marketing
    • Customer Relationship Management
    • Sales Enablement
  • Security
  • Tech
    • Artificial Intelligence
    • Augmented Reality
    • Blockchain
    • Chatbots
    • Internet of Things
    • Machine Learning
    • Virtual Reality
AMNESIA:33 Whitepaper

AMNESIA:33 Whitepaper

Forescout
Published by: Research Desk Released: Feb 05, 2021

Forescout Research Labs discovered 33 zero-day vulnerabilities impacting four widely used open source TCP/IP stacks. Dubbed AMNESIA:33, these vulnerabilities reside in the uIP, FNET, picoTCP and Nut/Net stacks, which are foundational connectivity components for millions of IoT, OT, networking and IT devices. Four of these vulnerabilities are critical and allow for remote code execution. This white paper reveals where those vulnerabilities appear, potential attack scenarios, implications for healthcare, manufacturing and retail enterprises, and recommendations for mitigating the risks.
The AMNESIA:33 vulnerabilities cause memory corruption and can be exploited for:
•  Remote code execution (RCE) to take control of a target device
•  Denial of service (DoS) to impair functionality and impact business operations
•  Information leak (Infoleak) to acquire potentially sensitive information
•  DNS cache poisoning to point a device to a malicious website