NAME:WRECK DNS vulnerabilities affect over 100 million devices

Minimalist · Apr 13, 2021

Security researchers today disclosed nine vulnerabilities affecting implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices.

Collectively referred to as NAME: WRECK, the flaws could be leveraged to take offline affected devices or to gain control over them.

The vulnerabilities were found in widespread TCP/IP stacks that run on a wide range of products, from high-performance servers and networking equipment to operational technology (OT) systems that monitor and control industrial equipment.
Click to expand...

https://www.bleepingcomputer.com/ne...nerabilities-affect-over-100-million-devices/

Page42 · Apr 13, 2021

I wonder if DNS platforms like Quad9 have any impact on vulnerabilities like NAME:WRECK?

Minimalist · Apr 13, 2021

Page42 said: ↑

I wonder if DNS platforms like Quad9 have any impact on vulnerabilities like NAME:WRECK?
Click to expand...

One of mitigations propose to " - Configure devices to rely on internal DNS servers". So it seems that DNS server can at least minimize attack surface (by not trying to exploit vulnerable devices?). Patching clients is IMO still better to rely on.

reasonablePrivacy · Apr 13, 2021

Minimalist said: ↑

One of mitigations propose to " - Configure devices to rely on internal DNS servers". So it seems that DNS server can at least minimize attack surface (by not trying to exploit vulnerable devices?). Patching clients is IMO still better to rely on.
Click to expand...

Probably some clients (IoT devices? out-of-support smartTVs, smart laundry machines) will not be patched by vendor, so you must find other way to protect them.

Minimalist · Apr 13, 2021

reasonablePrivacy said: ↑

Probably some clients (IoT devices? out-of-support smartTVs, smart laundry machines) will not be patched by vendor, so you must find other way to protect them.
Click to expand...

Yes I agree. Anything that helps is better than nothing with such devices.

ronjor · Apr 15, 2021

NAME:WRECK DNS Vulnerabilities
Original release date: April 15, 2021

Cybersecurity researchers from Forescout and JSOF have released a report on a set of nine vulnerabilities—referred to as NAME:WRECK—affecting Domain Name System (DNS) implementations. NAME:WRECK affects at least four common TCP/IP stacks—FreeBSD, IPNet, NetX, and Nucleus NET—that are used in Internet of Things (IoT), operational technology (OT), and information technology (IT) devices. A remote attacker could exploit these vulnerabilities to take control of an affected system.
Click to expand...

CISA encourages users and administrators to review the Forescout Research Labs and JSOF Research Labs report NAME:WRECK Breaking and Fixing DNS Implementations
and Forescout NAME:WRECK web page for more information, including recommended mitigations.
Click to expand...

Log in or Sign up

NAME:WRECK DNS vulnerabilities affect over 100 million devices

Minimalist Registered Member

Page42 Registered Member

Minimalist Registered Member

reasonablePrivacy Registered Member

Minimalist Registered Member

ronjor Global Moderator

Log in or Sign up

NAME:WRECK DNS vulnerabilities affect over 100 million devices

Minimalist Registered Member

Page42 Registered Member

Minimalist Registered Member

reasonablePrivacy Registered Member

Minimalist Registered Member

ronjor Global Moderator

Useful Searches