
AMNESIA:33 – Vulnerabilities reportedly impact millions of devices


Researchers at Forescout published a report on 33 vulnerabilities that reportedly impact millions of devices. Dubbed AMNESIA:33, the vulnerabilities, which include multiple remote code execution (RCE) flaws, can potentially affect millions of Operational Technology (OT), Internet of Things (IoT) and IT devices. This means attackers could execute code and gain full control over the devices.

Rody Quinlan, Research Engineer, Security Response at Tenable, says that AMNESIA:33 follows in the footsteps of Ripple20 and URGENT/11.

“The Cybersecurity & Infrastructure Security Agency (CISA) has issued an advisory for a series of recently disclosed vulnerabilities dubbed ‘AMNESIA:33,’ urging organisations to take defensive measures. CISA has highlighted 13 impacted vendors in its advisory.”

“AMNESIA:33, aptly named given the root cause for the majority of the 33 vulnerabilities resides in memory, are concerning. They potentially affect millions of Operational Technology (OT), Internet of Things (IoT) and IT devices, including multiple remote code execution (RCE) flaws. This means attackers could execute code and gain full control over the devices.

“When OT infrastructure is vulnerable there is always concern, particularly as the uptime and security of these systems is essential to our way of life. If exploited, the implications could be far reaching. The list of vendors with advisories is currently quite small, but with over 150 suspected to be affected, this is expected to grow in the coming days and weeks.

“The libraries impacted by AMNESIA:33 are used in devices ranging from consumer IoT, such as smart home systems, to commercial HVAC and power monitoring devices. This has implications to anything that needs to be handled, transported, or stored at a specific temperature or automated systems used to monitor and maintain safe power loads.

“AMNESIA:33 follows in the footsteps of Ripple20 and URGENT/11. Ripple20 is a set of 19 vulnerabilities in the TCP/IP library created by Treck, while URGENT/11 is a set of 11 vulnerabilities in VxWorks, a Real-Time Operating System (RTOS). Like AMNESIA:33, Ripple20 and URGENT/11 each reportedly affected millions of OT, IoT and IT devices.

“Given a proof of concept is available for one of the RCE vulnerabilities, it’s likely attacks are imminent. It’s imperative organisations take immediate action to determine if systems are vulnerable, and take steps to reduce the impact before any attacks, by applying the updates and remediative action where patches aren’t available.”
