Learn about vulnerabilities in TCP/IP stacks, identify the threats they pose to the modern enterprise and determine best practices to mitigate the risks.
SECURING TCP/IP STACKS
Forescout Research Labs launched its Project Memoria initiative in 2020 with the mission of providing the cyber security community with the most extensive study to date of TCP/IP stacks security.
Under Project Memoria, Forescout researchers collaborate with industry peers, universities and research institutes to analyze common mistakes associated with vulnerabilities in TCP/IP stacks, identify the threats they pose to the extended enterprise and determine best practices to mitigate the risk. Project Memoria’s studies include:
AMNESIA:33, the first study under Project Memoria, published December 8, 2020. AMNESIA:33 is a set of 33 new memory-corrupting vulnerabilities impacting millions of IoT, OT and IT devices that present an immediate risk for organizations worldwide.
NUMBER:JACK, Project Memoria’s second study, published February 10, 2021. It disclosed nine vulnerabilities in multiple TCP/IP stacks that can improperly generate ISNs (Initial Sequence Numbers) within TCP connections, leaving a device’s TCP connections open to attacks.
NAME:WRECK is a collaborative study published by Forescout Research Labs and JSOF on April 13, 2021. It discloses nine vulnerabilities affecting four popular TCP/IP stacks used in millions of IoT, OT and IT devices, and allows for Denial of Service or Remote Code Execution.
MORE TO COME
Under Project Memoria, Forescout Research Labs will continue investigating other TCP/IP stacks in detail and specific vulnerability-prone components. Other activities will include broader discussions on vulnerability disclosures in the emerging IoT/OT world and specific recommendations to actively defend networks and organizations. Check back here for the latest Project Memoria research.