“In June of this year, “Ripple20” (not only) shook the Internet of things:

19 vulnerabilities in a TCP/IP Stack for Embedded devices made “hundreds of millions” devices vulnerable, according to their discoverers.

Now, Stack analysis by another team of researchers using Fuzzing, a variant of automated software testing, and static Code analysis have revealed 33 new vulnerabilities, three of which were rated critical.”

auto translated from https://www.heise.de/news/Amnesia-33-ein-Ripple20-Deja-vu-im-Open-Source-Gewand-4982063.html

what to do?

in order develops need to look at the vulnerabilities, fix them, and vendors need to provide automatic updates to all devices

Links:

src: https://www.heise.de/news/Amnesia-33-ein-Ripple20-Deja-vu-im-Open-Source-Gewand-4982063.html

src of src: https://www.forescout.com/company/resources/amnesia33-how-tcp-ip-stacks-breed-critical-vulnerabilities-in-iot-ot-and-it-devices/

admin