What is AMNESIA:33?
What is AMNESIA:33?
Forescout Research Labs has discovered a set of thirty-three new memory-corrupting vulnerabilities, affecting millions of enterprise IoT, OT and IT devices. Lurking in four open-source TCP/IP stacks used by over 150 vendors, AMNESIA:33 can present an immediate risk to organizations worldwide. Four of the vulnerabilities are critical, with possible exploits including Remote Code Execution, Denial of Service, and Data Exfiltration. And with the rapid shift to Work-From-Home in 2020, the risk surface for all enterprises has broadened through unmanaged devices on their employees’ home networks, which are highly vulnerable to AMNESIA:33 exploits. In this scenario, a threat actor has selected your manufacturing company’s production line as a target.The hacker infiltrates an employee’s home network via an unmanaged wireless router, allowing them to compromise a VPN-connected laptop.They then move laterally across your network through a Windows exploit to gain control of an engineering workstation with access to your plant’s Industrial Control System.The attacker tampers with a protocol gateway, corrupting the link between the control network and serial-enabled equipment –causing production to halt.In another scenario, a threat actor aims to sabotage your retail chain.The hacker exploits an AMNESIA:33 vulnerability in a smart temperature monitor as the entry point to the store’s local network.They then send malicious packets, which take the receipt printers for several POS systems offline, causing massive in-store delays.If the hacker wants to cause greater damage, they continue their attack by targeting the network switch, disabling communications between the local store’s network and its corporate services. Forescout Technologies strongly advises taking swift action to protect your enterprise: Assess your risk and exposure. Patch when possible. Segment to mitigate risk. Disable or block IPV6 traffic. Rely on internal DNSservers. Monitor for malformed packets.
To learn more about AMNESIA:33, visit our website.