Tag: Forescout Research

Forescout Research Labs Vulnerability Report: AMNESIA:33

Research Desk

Forescout Research Labs discovered 33 zero-day vulnerabilities impacting four widely used open source TCP/IP stacks. Dubbed AMNESIA:33, these vulnerabilities reside in the uIP, FNET, picoTCP and Nut/Net stacks, which are foundational connectivity components for millions of IoT, OT, networking and IT devices. Four of these vulnerabilities are critical and allow for remote code execution. This white paper reveals where those vulnerabilities appear, potential attack scenarios, implications for healthcare, manufacturing and retail enterprises, and recommendations for mitigating the risks.
The AMNESIA:33 vulnerabilities cause memory corruption and can be exploited for:

  • Remote code execution (RCE) to take control of a target device
  • Denial of service (DoS) to impair functionality and impact business operations
  • Information leak (Infoleak) to acquire potentially sensitive information
  • DNS cache poisoning to point a device to a malicious website

The Enterprise of Things: The State of IoT Security

Research Desk

In this first edition of The Enterprise of Things Security Report, Forescout Research Labs analyzed data from over 8 million devices deployed across the Financial Services, Government, Healthcare, Manufacturing and Retail sectors to assess the current state of enterprise IoT cybersecurity. This information comes from one of the world’s largest repositories of connected device data, the Device Cloud.

To date, this is the most comprehensive study if its kind. Some of the key findings include:

  • Smart buildings, medical devices, networking equipment and VoIP phones represent the riskiest IoT device groups.
  • Six of the top 10 riskiest IoT device types fall into the categories of medical devices and networking equipment.
  • Windows workstations represent a major cybersecurity risk to organizations, with over 30% of managed devices in manufacturing and over 35% in healthcare running recently unsupported Windows versions.
  • Commonly exploited network services like Telnet are found in all five industry verticals.