https://www.itnews.com.au/news/network-zero-days-leave-millions-of-iot-devices-open-to-abuse-549354
By Juha Saarinen itnews.com.au June 17, 2020 Security researchers analysing a network stack used in hundreds of millions of devices found that it contained serious vulnerabilities that could be exploited by attackers for remote code execution and data exfiltration. The software library is made by Treck, which specalises in transmission control protocol/internet protocol (TCP/IP) networking stacks for embedded devices. JSOF, which started analysing Treck's software in September last year, found a total of 19 vulnerabilities. Of these, four are marked as critical, having ratings over 9 under the Common Vulnerabilities Scoring System version 3 and can be considered as zero-days, JSOF said. [...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
