CATEGORIES
home News

Over 100 Million IoT Devices Vulnerable To New NAME:WRECK Remote Execution Attacks

by Nathan OrdTuesday, April 13, 2021, 11:39 AM EDT
researchers discover set of vulnerabilities in tcpip stack which could lead to rce and dos
A new set of nine vulnerabilities that affect popular TCP/IP stacks, specifically relating to Domain Name Systems (DNS) implementations, were revealed yesterday. According to researchers at Forescout and JSOF, these vulnerabilities, collectively identified as NAME: WRECK, could impact at least 100 million IoT devices, leading to denial of service (DoS) and remote code execution.

Forescout reports that the NAME:WRECK vulnerabilities are bugs within TCP/IP stacks FreeBSD, Nucleus NET, IPnet, and NetX. These stacks are used in millions of different devices, and when paired with the “often external exposure of vulnerable DNS clients,” the attack surface can be quite a large target. The researchers specifically claim that organizations in healthcare and government sectors are “in the top three most affected for all three stacks,” meaning they could be most vulnerable and easily targeted.
attack diagram 2 researchers discover set of vulnerabilities in tcpip stack which could lead to rce and dos
Should an attacker want to go after these organizations, the report explains they could leverage three vulnerabilities within NAME:WRECK to inject code onto a target. It would take the attacker acting as a DNS server by way of a man-in-the-middle attack, which would allow them to reply to a DNS request with the malicious packet. Then, the attacker will have initial access, allowing them to laterally move within a network to compromise the device or data they want.

To avoid this very possible security breach situation, organizations need to patch devices running the vulnerable versions of the TCP/IP stacks. As Forescout states, FreeBSD, Nucleus NET, and NetX have been patched recently, so “device vendors using this software should provide their own updates to customers.” However, if this is not possible, organizations need to enforce network segmentation and proper network hygiene to mitigate risk. Either way, hopefully, NAME:WRECK will put more eyes on vulnerable network stacks, and consumers can face fewer cybersecurity threats in the future.
Tags:  security, DNS, dos, vulnerabilities, cybersecurity, remote-code-execution
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment