https://www.zdnet.com/article/this-old-security-vulnerability-left-millions-of-internet-of-things-devices-vulnerable-to-attacks/
TCP/IP stacks found to contain the vulnerabilities include several open-source stacks analysed in Forescout's previous study, including uIP, FNET, picoTCP, Nut/Net, cycloneTCP and uC/TCP-IP. Vulnerabilities have also been discovered in Siemens' Nucleus NET, Texas Instruments' NDKTCPIP and Microchip's MPLAB Net.
tl;dr: you'll get some patches in the next few days and weeks. APPLY THEM! :smug:
Typical IoT Security. Randomizing ISNs has been a known requirement for years. Anyone check if they are also vulnerable to ping of death? I don't really expect many patches. The open source guys will patch the code, but none of the vendors that use it in their device is going to patch unless it is by accident.
-Otanx
I know Siemens is working on some stuff. But, yes, there's older stuff still on a prod line that needs to be firewalled off ASAP.