A long-known implementation error in the Transmission Control Protocol (TCP) that network devices use to communicate with each other continues to persist in TCP/IP stacks used in millions of IT, OT, and IoT devices.
The vulnerabilities give attackers a way to hijack TCP connections, close them, spoof packets, bypass authentication, and inject data into network traffic. The flaws were discovered in nine out of 11 TCP/IP stacks recently analyzed by Forescout as part of a broader study in recent months of the communication protocol’s security.
The vulnerabilities—the same across all nine stacks—involve the manner in which the so-called Initial Sequence Number (ISN) is generated.
The ISN ensures that every TCP connection is unique, that there are no collisions with other connections, and that no third party can interfere with an ongoing connection. To guarantee this, the ISN is randomly generated so no one can…