all InfoSec news
SSA-201384 V1.2 (Last Update: 2022-01-11): Predictable UDP Port Number Vulnerability (NAME:WRECK) in the DNS Module of Nucleus RTOS
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Security researchers discovered and disclosed 9 vulnerabilities in several DNS implementations, also known as “NAME:WRECK” vulnerabilities. The vulnerability described in this advisory is from this set.
The DNS client of of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains a vulnerability related to the handling of UDP port numbers in DNS requests that could allow an attacker to poison the DNS cache or spoof DNS resolving.
Siemens has released updates for several affected products and recommends …
advisory client dns dns client name networking nucleus operating system port real researchers rtos security security researchers ssa system udp update vulnerabilities vulnerability