Security holes put 100 million IoT devices at risk

A new set of DNS vulnerabilities have been disclosed by Forescout Research Labs, in partnership with JSOF, with the potential to impact over 100m consumer, enterprise and industrial IoT devices.

The vulnerabilities, dubbed NAME:WRECK, affect four popular TCP/IP stacks including FreeBSD, IPnet, Nucleus NET and NetX which are used in well-known IT software and popular IoT/OT firmware. FreeBSD is used for high performance servers in millions of IT networks including Netflix and Yahoo while IoT/OT firmware such as Siemens’ Nucleus NET has been used for decades in critical OT and IoT devices.

Source link