Home → News → These New Vulnerabilities put Millions of IoT Devices... → Full Text

These New Vulnerabilities put Millions of IoT Devices at Risk, so Patch Now

By ZDNet

April 13, 2021

[article image]

Security vulnerabilities in millions of Internet of Things devices (IoT) could allow cyber criminals to knock devices offline or take control of them remotely, in attacks that could be exploited to gain wider access to affected networks.

The nine vulnerabilities affecting four TCP/IP stacks – communications protocols commonly used in IoT devices – relate to Domain Name System (DNS) implementations, which can lead to Denial of Service (DoS) or Remote Code Execution (RCE) by attackers. Over 100 million consumer, enterprise and industrial IoT devices are potentially affected.

Uncovered and detailed by cybersecurity researchers at Forescout and JSOF, the vulnerabilities have been dubbed Name:Wreck after the way the parsing of domain names can break DNS implementations in TCP/IP stack, leading to potential attacks.

From ZDNet
View Full Article



No entries found