Forescout revealed that four popular TCP/IP stacks specifically FreeBSD, Siemens’ Nucleus, IPnet and NetX are affected by a total of nine DNS-related flaws that can be exploited for remote code execution, DoS attacks, and DNS cache poisoning.
The vulnerabilities, collectively tracked as NAME:WRECK, could affect billions of devices that use these TCP/IP stacks for network communications, but Forescout researchers estimate that at least 100 million devices are exposed to attacks.
Siemens released advisories related to NAME:WRECK: one advisory to describe two out-of-bounds write flaws that can lead to code execution or DoS attacks, another advisory for a DNS cache poisoning issue, one advisory for two DoS vulnerabilities, and two advisories for the same four DoS and DNS cache poisoning flaws.
Affected products include Nucleus 4, Nucleus NET, Nucleus RTOS, Nucleus ReadyStart, and VSTAR, as well as the Nucleus source code. Siemens has released patches for some of the impacted products and it has also provided workarounds and mitigations to reduce the risk until a patch can be installed .
Forescout wrote in its report on the NAME:WRECK vulnerabilities, “According to the website of Nucleus RTOS, it is deployed in more than 3 billion devices. A quick look at Siemens’ page listing customer success stories reveals its use in scenarios such as healthcare , IT and critical devices. But we believe that most of those 3 billion are actually device components such as MediaTek IoT chipsets and baseband processors used in smartphones and other wireless devices
Siemens also published advisories for vulnerabilities affecting TIM 4R-IE, LOGO! Soft Comfort, Siveillance Video Open Network Bridge (ONVIF), Opcenter Quality, QMS Automotive, Control Center Server (CCS), Tecnomatix RobotExpert, SCALANCE X-200, Solid Edge, and SINEMA Remote Connect Server products.