Vulnerability Research

Original Cyber Vulnerability Research

Vedere Labs conducts original research into cyber vulnerabilities that impact multiple industries and recommends appropriate mitigation steps. We follow coordinated vulnerability disclosure practices. In cases where our dedicated research team discovers security vulnerabilities in third-party vendors’ software, hardware or products, we make good-faith efforts to privately contact the third-party vendor with details of the findings and give them a chance to fix the issues before releasing the research to the public.

Read Our Disclosure Policy

Latest Research Reports

Access:7 - How Supply Chain Vulnerabilities Can Allow Unwelcomed Access to Medical and IoT Devices

Forescout’s Vedere Labs and CyberMDX discovered seven supply chain vulnerabilities, three of them rated critical by CISA, that affect medical and IoT devices and present an immediate risk to healthcare organizations as well as the financial services and manufacturing sectors.

Download Report

NUCLEUS:13 - Dissecting the Nucleus TCP/IP Stack

Vedere Labs, with support from Medigate Labs, has discovered a set of 13 new vulnerabilities affecting the Nucleus TCP/IP stack, which we are collectively calling NUCLEUS:13. These vulnerabilities allow for remote code execution, denial of service, and information leaks. Nucleus has been in use for nearly 30 years in safety-critical devices, such as anesthesia machines, patient monitors, and others in healthcare.

Download Report

INFRA:HALT - Jointly discovering and mitigating large-scale OT vulnerabilities

Vedere Labs and JFrog Security Research discovered 14 new vulnerabilities affecting NicheStack, a closed-source TCP/IP stack. The vulnerabilities allow for Denial of Service or Remote Code Execution and primarily affect operational technology (OT) and industrial control system (ICS) devices.

DOWNLOAD REPORT

NAME:WRECK – 9 DNS Vulnerabilities

Vedere Labs, partnering with JSOF Research, disclosed NAME:WRECK, a set of nine Domain Name System (DNS) vulnerabilities that impact four TCP/IP stacks and affect 100+ million IoT devices with the potential to cause either Denial of Service (DoS) or Remote Code Execution, allowing attackers to take targeted devices offline or to gain control over them. Read the report to learn how to protect enterprise IT, IoT and OT devices.

DOWNLOAD REPORT

NUMBER:JACK – Weak ISN Generation in Embedded TCP/IP Stacks

In the second study of Project Memoria, Vedere Labs discovers NUMBER:JACK, a set of vulnerabilities related to ISN generation that can be used to hijack or spoof TCP connections.

DOWNLOAD REPORT

AMNESIA:33 – 33 Memory-Corruption Vulnerabilities

Vedere Labs discovered 33 new memory-corruption vulnerabilities that impact open source TCP/IP stacks – four scoring as critical. The report details how enterprises can identify these risks and take protective action to avoid breaches.

DOWNLOAD REPORT

The Underlying Risks Found in Healthcare Devices

Vedere Labs analyzed Device Cloud data from healthcare organizations to determine how TCP/IP stack vulnerabilities affect them. The report details 20 significant findings and provides four critical recommendations to mitigate risks to your organization.

DOWNLOAD THE REPORT

New Research Identifies Security Risks in Healthcare

Analysis of healthcare delivery organizations reveals insights into increased attack surfaces and security risks.

Download Report

Enterprise of Things Security Report: The State of IoT Security in 2020

Vedere Labs identifies the top 10 riskiest devices and helps security teams determine the most effective next steps to secure them.

DOWNLOAD REPORT

Rise of the Machines – Transforming Cybersecurity Strategy for the Age of IoT

This research paper dives into the Internet of Things (IoT) revolution, the risks and challenges it brings and how to transform your cybersecurity strategy to protect your enterprise network in the age of IoT.

DOWNLOAD REPORT

BAS Research Report: The Current State of Smart Building Cybersecurity

The Forescout OT Research Team offers an analysis of its vulnerability and malware research for devices commonly used in building automation system (BAS) networks.

DOWNLOAD REPORT

Putting Healthcare Security Under the Microscope

The Internet of Medical Things (IoMT) continues to offer exciting possibilities for healthcare organizations to improve patient care. However, this digital transformation and increase in connectivity are also introducing new privacy and security risks. The device landscape is growing exponentially, adding to the complexity of networks and making it difficult to manage and improve their security posture.

Download Report

Banking on Security: Leveraging Device Data to Manage Risk in Financial Services

Forescout’s Research team analyzed device deployments from some of the world’s leading financial institutions and identified disturbing findings that indicate a lack of maturity in key areas such as device visibility and network segmentation. The research suggests that many banking and retail devices sit in close proximity to non-traditional (IoT and OT) devices, exposing networks to elevated opportunities for attackers to move laterally between critical infrastructure and the data center.

Download Report

From Events to TTPs: Maturing OT Incident Response with MITRE ATT&CK for ICS

The growing threat landscape for operational technology (OT) networks, exemplified by a number of recent ransomware attacks, has prompted critical infrastructure organizations to better prepare themselves for impactful cyber incidents. To do this, stakeholders responsible for critical infrastructure and services are maturing their security operations centers (SOCs) and increasing their use of cyber threat intelligence (CTI). Many now consider adversarial Tactics, Techniques and Procedures (TTPs) to be their most valuable CTI tool.

Download Report