Forescout Research Labs discovered 33 zero-day vulnerabilities impacting four widely used open source TCP/IP stacks. Dubbed AMNESIA:33, these vulnerabilities reside in the uIP, FNET, picoTCP and Nut/Net stacks, which are foundational connectivity components for millions of IoT, OT, networking and IT devices. Four of these vulnerabilities are critical and allow for remote code execution. This white paper reveals where those vulnerabilities appear, potential attack scenarios, implications for healthcare, manufacturing and retail enterprises, and recommendations for mitigating the risks.
The AMNESIA:33 vulnerabilities cause memory corruption and can be exploited for:
- Remote code execution (RCE) to take control of a target device
- Denial of service (DoS) to impair functionality and impact business operations
- Information leak (Infoleak) to acquire potentially sensitive information
- DNS cache poisoning to point a device to a malicious website