Skip to main content

Amnesia:33 Network Vulnerabilities

Amnesia:33 is a collection of thirty three vulnerabilities affecting several TCP/IP stacks used in a huge variety of products across IoT, OT, RTOSs, SOHO and commercial network gear, and embedded systems.

Threat ID:
CC-3700
Threat Severity:
Low
Published:
9 December 2020 12:00 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Amnesia:33 is a collection of thirty three vulnerabilities affecting several TCP/IP stacks used in a huge variety of products across IoT, OT, RTOSs, SOHO and commercial network gear, and embedded systems.

Affected platforms

The following platforms are known to be affected:

FNET TCP/IP stack Versions: all

Nut/Net TCP/IP stack Versions: all

picoTCP TCP/IP stack Versions: all

uIP TCP/IP stack Versions: all

Threat details

Introduction

Security researchers have released details of thirty three vulnerabilities, collectively referred to as Amnesia:33, in four open-source TCP/IP stacks. They claim that a remote attacker could exploit some or all of these vulnerabilities to take control of affected devices, extract sensitive data, or cause denial-of-service conditions.

The affected TCP/IP stacks are used in a wide variety of real-time operating systems, networking equipment, operational technology, embedded systems, and consumer or industrial Internet-of-Things (IoT). At the time of publication, it is expected that products from more than 150 individual vendors or manufacturers are impacted by Amnesia:33.

Vulnerability details

All 33 vulnerabilities were discovered using a combination of manual analysis and automated fuzzing, and affect multiple components of each TCP/IP stack.

Affected TCP/IP stack vulnerability listing
Stack No. of vulnerabilities
FNET 5
Nut/Net 5 (w/ 1 remote code execution)
picoTCP 10 (w/ 1 remote code execution)
uIP 13 (w/ 2 remote code execution)

 

Remediation advice

Due to the nature of the affected TCP/IP stacks, as well as their widespread prevalence across multiple industry sectors, it is highly likely that updated versions will take several months to propagate down to vendors, or may not at all in some cases.

As such, affected organisations are encouraged to consider the below network mitigations to partially address the Amnesia:33 vulnerabilities.

Remediation steps

Type Step
Guidance

Block or disable IPv6 traffic where it is not required. Several Amnesia:33 vulnerabilities are related to IPv6 packet components.
Guidance

Configure vulnerable devices to use internal DNS services where possible. Several Amnesia:33 vulnerabilities rely on malicious DNS servers for exploitation.
Guidance

Monitor network and DNS traffic for anomalous or malformed packets.

Indicators of compromise

Reserved CVE identifiers

Please note that the below CVE identifiers are reserved only. All identifiers will be replaced in the appropriate sections as they are acknowledged and published by the relevant vendors.

  • CVE-2020-13984
  • CVE-2020-13985
  • CVE-2020-13986
  • CVE-2020-13987
  • CVE-2020-13988
  • CVE-2020-17437
  • CVE-2020-17438
  • CVE-2020-17439
  • CVE-2020-17440
  • CVE-2020-17441
  • CVE-2020-17442
  • CVE-2020-17443
  • CVE-2020-17444
  • CVE-2020-17445
  • CVE-2020-17467
  • CVE-2020-17468
  • CVE-2020-17469
  • CVE-2020-17470
  • CVE-2020-24334
  • CVE-2020-24335
  • CVE-2020-24336
  • CVE-2020-24337
  • CVE-2020-24338
  • CVE-2020-24339
  • CVE-2020-24340
  • CVE-2020-24341
  • CVE-2020-24383
  • CVE-2020-25107
  • CVE-2020-25108
  • CVE-2020-25109
  • CVE-2020-25110
  • CVE-2020-25111
  • CVE-2020-25112

Last edited: 10 December 2020 12:12 pm