Security firm Forescout announced on December 8, 2020 (local time) that it has identified 33 vulnerabilities in four open source libraries, collectively named AMNESIA:33. Libraries containing these vulnerabilities have been used by more than 150 vendors, and it is estimated that more than 1 million devices are affected.
AMNESIA:33 is made up of 33 vulnerabilities that affect a variety of products, including many embedded chips, IoT devices, and industrial control system devices. The vulnerabilities were found in four open source TCP/IP libraries used worldwide (picoTCP, FNET, uIP, Nut/Net). Four of the 33 vulnerabilities are considered dangerous because they can stop remote device operation services and cause information leakage.
One high-risk exploitation scenario for AMNESIA:33 involves remote work, which spread rapidly in 2020. First, a hacker infiltrates a PC connected to a VPN through a router on which no countermeasures have been applied. From there, the company and manufacturing plant systems may be compromised one after another through the cloud, and the operation of the plant may be shut down. Retail stores may also suffer damage. Malicious packets could be transmitted through unexpected penetration paths, such as a smart thermometer installed on a wall, and receipt printers that are not directly connected to the Internet could be stopped, leading to confusion at the cash register. In addition, if a hacker manipulates the network suite through the store system, the local network may be disconnected.
Forescout recommends countermeasures such as system configuration, IPv6 blocking, risk reduction through segmentation, patching, and suspicious packet monitoring in an internal DNS server to prevent damage caused by AMNESIA:33.
According to Forescout, more than 150 companies are estimated to be using the libraries containing AMNESIA:33.