How Embedded TCP/IP Stacks Breed Critical Vulnerabilities

Presented at Black Hat Europe 2020 Virtual, Dec. 9, 2020, 2:20 p.m. (40 minutes)

In the past few years, there's been a rise in critical vulnerabilities affecting embedded TCP/IP stacks which had remained undiscovered for over a decade. The direct, unauthenticated and sometimes cross-perimeter network exposure of these stacks, the often privileged portions of the system they run in and their position at the top of opaque supply chains complicating vulnerability management efforts make for a highly dangerous mix resulting in periodic waves of critical vulnerabilities affecting billions of devices across industry verticals. But contrary to what many assume, the fragility of these fundamental components isn't limited to specific vendors or older, closed-source stacks alone.

In this talk, we will present over a dozen new vulnerabilities in multiple widely used embedded TCP/IP stacks deployed in everything from networking equipment and medical devices to industrial control systems. We will discuss the nuances in their exploitability & potential impact and demonstrate a proof-of-concept against a yet-to-be-disclosed high profile target. In addition, we will present the first quantitative & qualitative study into vulnerabilities affecting embedded TCP/IP stacks showing a clear pattern to the affected components & features as well as the root causes of the vulnerabilities that affect them. Finally, we will provide concrete advice on how to mitigate and manage vulnerabilities affecting billions of devices in the absence of centralized patching and notification efforts.

Presenters:

  • Amine Amri - Security Researcher, Forescout Technologies
    Amine Amri holds a Bachelor's degree in computer networks from ISITCOM, Hammam Sousse, Tunisia. He has a strong passion for computer systems and security and has recently joined Forescout in order to continue doing awesome research as a security research engineer.
  • Jos Wetzels - Security Researcher, Forescout Technologies
    Jos Wetzels is a security researcher at Forescout specializing in embedded systems security. He previously worked as a researcher at the Distributed and Embedded Security group (DIES) at the University of Twente (UT) where he developed exploit mitigation solutions for constrained Industrial Control Systems (ICS) used in critical infrastructure, performed various security analyses of state-of-the-art network and host-based intrusion detection systems and has been involved in the AVATAR research project regarding on-the-fly detection and containment of unknown malware and Advanced Persistent Threats. He has assisted teaching hands-on offensive security classes for graduate students at the Dutch Kerckhoffs Institute for several years.
  • Stanislav Dashevskyi - Security Researcher, Forescout Technologies
    Stanislav Dashevskyi is a security researcher at Forescout. He received his PhD from the International Doctorate School in Information and Communication Technologies (ICT) at the University of Trento (Italy) in 2017. His main research interests are open source software, software security, and vulnerability analysis.
  • Daniel dos Santos - Security Researcher, Forescout Technologies
    Daniel dos Santos holds a PhD in computer science from the University of Trento, Italy, and has published over 30 journal and conference papers on cybersecurity. He has experience in software development, security testing, and research. He is now a Research Manager at Forescout Technologies, leading a vulnerability and threat research team, as well as collaborating on the research and development of innovative features for network security monitoring.
