12 comprehensive firmware vulnerabilities and threats

Project Memoria and errors in embedded TCP/IP stacks

Many consumer IoT devices these days, such as routers, modems, network-attached storage (NAS) boxes, and network video recorders (NVRs), use Linux kernel-based firmware. But industrial and medical embedded devices still rely on real-time operating systems (RTOSes) like VxWorks for their firmware.

Although this means that there is more diversity in firmware in the world of industrial IoT, there are still some components that can be shared by different RTOSes, including TCP/IP stacks. These complex code bases implement some of the basic protocols of the Internet – DNS, HTTP, FTP, ARP, ICMP, etc. – and were written decades ago as proprietary libraries that were then sold to embedded operating system vendors.

In 2020, researchers from the security firm Forescout, in collaboration with universities and other companies, launched a project to analyze proprietary TCP/IP stacks used in industrial machines. Known as Project Memoria, the research lasted 18 months and resulted in the discovery of 104 vulnerabilities, many of them critical, in multiple TCP/IP stacks and libraries used in more than 250,000 embedded device models from more than 500 vendors.

