skip to Main Content

Cybersecurity, AMNESIA:33 is still a threat. Update the software now!

AMNESIA:33 is still a threat. Update the software now! The bunch of vulnerabilities in Multiple open-source embedded TCP/IP stacks, used in IoT and embedded devices, pose a immediate risk for organizations

AMNESIA:33, the bunch of vulnerabilities in Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, is still dangerous. It has been underlined by the Carnegie Mellon University cybersecurity experts, who updated the note on the threat, originally spread on December 08. Most of the flaws are caused by memory management bugs, commonly seen in lightweight software implementations in Real Time Operating Systems (RTOS) and IoT devices. The impact vary widely due to the combination of build and runtime options customized while including these in embedded devices. In summary, a remote, unauthenticated attacker may be able to use specially-crafted network packets to cause the vulnerable device to behave in unexpected ways such as a failure (denial of service), disclosure of private information, or execution of arbitrary code.

Back To Top