Millions of IoT Devices at Risk From TCP/IP Stack Flaws

Healthcare Info Security

Jeremy Kirk

There's new bad news on the IoT front. Again.

Millions of consumer and enterprise IoT devices have software flaws in their TCP/IP stacks that could result in remote code execution, denial of service or a complete takeover of a device. Forescout nicknamed the batch of vulnerabilities Amnesia:33. Devices from as many as 150 vendors are likely vulnerable.

The flaws impact a diverse range of embedded systems, ranging from medical devices, industrial control systems, routers and switches - virtually anything that is running a vulnerable TCP/IP stack. The largest affected categories of affected devices are enterprise and consumer IoT devices.

The research comes from Forescout Technologies, which analyzed seven open-source TCP-IP stacks as part of research called Project Memoria.

In some cases,...

Get the Morning Update

© 2020 by HealthcareCISO.