Forescout Research Labs discovered 33 vulnerabilities impacting millions of IoT, OT and IT devices that present an immediate risk for organizations worldwide.
4
critical vulnerabilities
150+
vendors affected
1M+
IoT, OT & IT devices
THE GLOBAL IMPACT OF AMNESIA:33
AMNESIA:33 is a set of 33 vulnerabilities that impact four open source TCP/IP stacks (uIP, FNET, picoTCP and Nut/Net), which collectively serve as the foundational components of millions of connected devices worldwide. These vulnerabilities primarily cause memory corruption, allowing attackers to compromise devices, execute malicious code, perform denial-of-service attacks and steal sensitive information.
Watch the AMNESIA:33 video to learn how hackers can use these vulnerabilities to reap havoc on organizations.
UNDERSTAND & MITIGATE YOUR RISK
While analyzing IoT, OT and IT risks, Forescout researchers discovered serious vulnerabilities in millions of devices that span enterprise environments everywhere. It’s important to act now to identify vulnerable devices and mitigate these risks across your Enterprise of Things. Learn six best practices you can take to protect your organization.
LEARN HOW FORESCOUT CAN HELP
Get answers to your most pressing questions about AMNESIA:33. Our FAQ document explains how the Forescout platform actively defends against AMNESIA:33, discusses Security Policy Templates (SPTs) for Per-Appliance Licensing and Flexx customers and eyeInspect scripts for these vulnerabilities, and covers risk mitigation best practices.
DIVE INTO THE RESEARCH
Learn how Forescout Research Labs discovered AMNESIA:33 and get details of the study. The report highlights vulnerable open source TCP/IP stacks, exposes widespread device design flaws and explains why work-at-home employees may unknowingly expose your organization to serious risk.
Impact on the Extended Enterprise
AFFECTED DEVICES & SECURITY ADVISORIES
Get up-to-date information about impacted vendors and devices from CERT coordination agencies.
Refer to the latest security advisories about AMENSIA:33 vulnerabilities.
ICS-CERT advisory (icsa-20-343-01) | CERT Coordination Center advisory
BSI (German Federal Office for Information Security) statement | JPCERT advisory
ADDITIONAL RESOURCES
WATCH WEBINAR
A Forescout research engineer and principal systems engineer help you understand and mitigate the impact of AMNESIA:33 during this on-demand webinar.
SEE SPTs IN ACTION
Learn how to identify and mitigate at-risk devices using Forescout Security Policy Templates in our step-by-step video.
STAY INFORMED
Count on Forescout Research Labs for continued cyber-vigilance, breaking news about vulnerabilities and other timely cybersecurity topics.