Millions of devices threatened by new DNS vulnerabilities
-
Help Net Security reported last week that Forescout Research Labs, in partnership with JSOF, disclosed a new set of DNS vulnerabilities, referred to as NAME:WRECK.
Apparently these vulnerabilities affect four popular TCP/IP stacks - FreeBSD, IPnet, Nucleus NET and NetX – commonly present in well-known IT software and popular IoT/OT firmware, and potentially impact many industries including government, enterprise, healthcare, manufacturing and retail.
Millions of IoT devices around the world have the potential to be impacted. More than 180,000 devices in the U.S. and more than 36,000 devices in the UK are believed to be affected. If exploited, bad actors can use them to take target devices offline or assume control of their operations.