Millions of smart devices could still have major security flaws

The latest study from Forescout Research Labs has found that an alarming number of smart devices could easily be targeted by malware. The enterprise security firm found 33 new zero-day vulnerabilities, present in millions of smart devices produced by more than 150 manufacturers.

Forescout has dubbed these 33 security bugs “AMNESIA:33,” finding them in four widely used open source TCP/IP stacks that are found in the foundational connectivity components of millions of IoT devices.

“While it is difficult to assess the full impact of AMNESIA:33, we estimate more than 150 vendors and millions of devices worldwide are vulnerable,” a Forescout whitepaper reads. “Since these open source stacks are widely used in embedded components, they exist in devices used in most modern enterprises. Affected devices range from network switches to smart printers, environmental sensors to security cameras, self-checkout kiosks to RFID asset trackers, and badge/fob readers to uninterruptible power supplies, to name just a few.”

Smart cyberattacks

Four of the vulnerabilities that make up AMNESIA:33 are classified as critical, allowing for remote code execution attacks. In addition, the other security bugs cause memory corruption and can be exploited to cause denial of service, information leaks, and DNS poisoning.

As more businesses have embraced IoT or smart devices, the security standards of TCP/IP stacks have become significantly more important. Forescout points out that the AMNESIA:33 bugs could be used to launch attacks against healthcare organizations, retailers, utility suppliers, and manufacturers.

The AMNESIA:33 research is part of Forescout’s Project Memoria, an initiative that aims to provide the cybersecurity community with the largest study on the security of TCP/IP stacks, identifying common vulnerabilities and exploring ways they can be mitigated. Currently, the best ways for businesses to limit potential threats are conducting risk assessments, using internal DNS servers, and installing security patches as soon as they become available.