Millions of IoT Devices at Risk From TCP/IP Stack Flaws
Healthcare Info Security
There's new bad news on the IoT front. Again.
Millions of consumer and enterprise IoT devices have software flaws in their TCP/IP stacks that could result in remote code execution, denial of service or a complete takeover of a device. Forescout nicknamed the batch of vulnerabilities Amnesia:33. Devices from as many as 150 vendors are likely vulnerable.
The flaws impact a diverse range of embedded systems, ranging from medical devices, industrial control systems, routers and switches - virtually anything that is running a vulnerable TCP/IP stack. The largest affected categories of affected devices are enterprise and consumer IoT devices.
The research comes from Forescout Technologies, which analyzed seven open-source TCP-IP stacks as part of research called Project Memoria.
In some cases,...