AMNESIA:33 is a study published by Forescout Research Labs under Project Memoria. The study consists of a report on 33 new vulnerabilities found in TCP/IP stacks used by multiple IoT, OT and IT device vendors. AMNESIA:33 affects multiple open-source TCP/IP stacks, which means a single vulnerability tends to spread easily and silently across multiple codebases, … Continue reading “Amnesia:33 – Multiple Vulnerabilities in Open-Source TCP/IP Stacks”
Tag: DNS cache poisoning
Ripple20: Multiple Zero Day Vulnerabilities in Treck TCP/IP stack
Treck IP stack implementations for embedded systems are affected by multiple zero-day vulnerabilities. Total 19 vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc have been discovered by the JSOF research lab, who calls them Ripple20. Treck TCP/IP Stack Treck IP network stack is designed for and used in a variety of embedded systems. The software is often licensed and integrated … Continue reading “Ripple20: Multiple Zero Day Vulnerabilities in Treck TCP/IP stack”