Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Network zero-days leave millions of IoT devices open to abuse

From: InfoSec News <alerts () infosecnews org>
Date: Wed, 17 Jun 2020 08:30:55 +0000 (UTC)
https://www.itnews.com.au/news/network-zero-days-leave-millions-of-iot-devices-open-to-abuse-549354

By Juha Saarinen
itnews.com.au
June 17, 2020

Security researchers analysing a network stack used in hundreds of millions of
devices found that it contained serious vulnerabilities that could be exploited
by attackers for remote code execution and data exfiltration.

The software library is made by Treck, which specalises in transmission control
protocol/internet protocol (TCP/IP) networking stacks for embedded devices.

JSOF, which started analysing Treck's software in September last year, found a
total of 19 vulnerabilities.

Of these, four are marked as critical, having ratings over 9 under the Common
Vulnerabilities Scoring System version 3 and can be considered as zero-days,
JSOF said.

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: