Millions of IoT (Internet of Things) devices have security vulnerabilities that could allow cybercriminals to knock devices offline or control them remotely. This in turn opens the door to wider access to bigger networks.
Nine major vulnerabilities affect four TCP/IP stacks (the software that implements the communication protocols used in IoT devices). They are related to Domain Name System (DNS) implementations and can lead to Denial of Service (DoS) or Remote Code Execution (RCE) by cybercriminals. Over 100 million consumer, industrial and enterprise IoT devices could potentially be affected.
The vulnerabilities were uncovered and explained by cybersecurity researchers at Forescout and JSOF. The vulnerabilities have been dubbed Name:Wreck, because of how parsing domain names breaks the DNS implementations in TCP/IP stacks, leading to attacks.
The report comes after Forescout’s previous research into IoT flaws and is part of Project Memoria, an initiative to examine vulnerabilities in TCP/IP stacks and stop or prevent them.
Vulnerabilities were found in popular stacks like FreeBSD, NetX and Nucleus NET. While security patches are now available to fix these issues, applying updates to IoT devices is not exactly an easy thing to do.
More attacks could follow
Because updates are difficult to apply, devices could remain vulnerable, providing a gateway for cyber attackers to get into the network and disrupt services.
Daniel dos Santos, the research manager at Forescout Research Labs, said that this is an entry point into a network and from there, attackers can decide what they want to do. One of those things is taking devices offline by sending malicious packets or executing code on the device.
Moving laterally in the network opens up networks to even more risk. Solutions will have to be devised to curb this potential problem.