Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology (OT) devices. The shortcomings, collectively dubbed “INFRA:HALT,” target NicheStack, potentially enabling an attacker to achieve remote code execution, denial of service, information leak, TCP spoofing, and even DNS cache poisoning. The vulnerabilities are the sixth to be identified in the protocol stacks that underpin millions of internet-connected devices. About 6,400 OT devices exposed online and connected to the internet as of March 2021.
Source: https://thehackernews.com/2021/08/critical-flaws-affect-embedded-tcpip.html