Cybersecurity researchers have disclosed an unpatched vulnerability in the domain name system (DNS) component of two popular C standard libraries that could pose a severe risk to IoT products.
The issue was originally reported in September 2021. it affects the DNS implementation of two popular C libraries called uClibc and uClibc-ng used to develop embedded Linux systems.
DNS poisoning is the technique of corrupting a DNS resolver cache which provides the IP address on a server controlled by the attacker instead of the legitimate location to clients to redirect users to malicious websites.
According to researchers at Nozomi Networks, a fix is not currently available from the developer of uClibc, leaving products of up to 200 vendors at risk.
Successful exploitation of the bug could allow an attacker to carry out Man-in-the-Middle (MitM) attacks and corrupt the DNS cache, and effectively rerouting internet traffic to a server under their control.
Nozomi Networks also cautioned that the vulnerability could be exploited trivially in a reliable manner if the operating system is configured to use a fixed or predictable source port.
“The attacker could then steal and/or manipulate information transmitted by users and perform other attacks against those devices to compromise them completely,” the researchers said.
Users of IoT and router devices should keep an eye on new firmware releases from vendors and apply the latest updates as soon as they become available.
Found this article interesting? click here to read more exclusive content we post.
