Siemen Nucleus News Today : Breaking News, Live Updates & Top Stories | Vimarsana
Stay updated with breaking news from Siemen nucleus. Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.
Top News In Siemen Nucleus Today - Breaking & Trending Today
Patches have been issued, but many devices cannot be fixed on April 15, 2021, 12:29 In context: Security researchers at Forescout and JSOF have uncovered a set of nine vulnerabilities within four commonly used TCP/IP stacks. They estimate that more than 100 million devices are affected by these security flaws, which they dubbed Name:Wreck. They mainly affect Internet of Things (IoT) products and IT management servers. The vulnerabilities exist in both open source and proprietary stacks, including FreeBSD and Siemens Nucleus NET. The flaws all pertain to how these TCP/IP stacks handle DNS servers. While they found no evidence that these holes have been used in the wild, hackers could potentially utilize them to crash a network or infiltrate a victim s infrastructure allowing them remote control. These implications could be catastrophic for critical systems like those used in health care, manufacturing, or government networks. ....
Latest Articles freerepublic.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from freerepublic.com Daily Mail and Mail on Sunday newspapers.
Forescout researchers teamed up with JSOF to find the flaws and added that these can impact over 100 million consumer, enterprise, and industrial IoT devices worldwide. Millions of IT networks use FreeBSD, including Netflix and Yahoo. Meanwhile, IoT/OT firmware, such as Siemens’ Nucleus NET has been used for decades in critical OT and IoT devices. If exploited, among the plausible scenarios researchers laid out included exposing government or enterprise servers by accessing sensitive data, such as financial records, intellectual property, or employee/customer information. They could also compromise hospitals by connecting to medical devices to obtain health care data, taking them offline and preventing health care delivery. ....
The vulnerabilities the same across all nine stacks involve the manner in which the so-called Initial Sequence Number (ISN) is generated. The ISN ensures that every TCP connection is unique, that there are no collisions with other connections, and that no third party can interfere with an ongoing connection. To guarantee this, the ISN is randomly generated so no one can guess the number and use it to hijack an ongoing connection or spoof a new one. Forescout s analysis showed problems with the manner in which the TCP/IP stacks that were analyzed generate the ISNs. In nine of the 11 stacks, the ISNs were improperly generated, leaving the connections open to attacks. In some cases, the numbers were predictable, and in others, the problem had to do with the underlying algorithm. In other cases, the numbers had constant increments, while others used a combination of values that could be inferred, Forescout said in its report. ....