AMNESIA:33 Vulnerabilities Affect Millions of IoT Devices
Advisory Information
Yesterday's disclosure of 33 vulnerabilities, collectively dubbed AMNESIA:33 and found across four open source TCP/IP stacks, affects multiple Healthcare IoT products provided by various vendors. Four of the vulnerabilities are critical and impact the uIP, FNET, picoTCP, and Nut/Net TCP/IP stacks, which are commonly built into IoT and OT systems.
Devices & Vendors Affected
It is estimated that millions of products from as many as 150 vendors are affected by AMNESIA:33, but details regarding the scope or specific devices are yet to be determined.
The following vendors have released security advisories regarding their affected products:
- Devolo
- EMU Electronic AG
- FEIG
- Genetec
- Harting
- Hensoldt
- Microchip
- Nanotec
- NT-Ware
- Tagmaster
- Siemens
- Uniflow
- Yanzi Networks
Cynerio’s research team is currently working closely with Healthcare IoT vendors to determine exactly which devices, versions, and models are affected across your organizations. We’ll be in close contact with you over the coming days as more information is made available.
Recommendations
We encourage you to check your inventory for devices that may be affected and keep a close eye on any security notifications you receive from manufacturers regarding AMNESIA:33 vulnerabilities.
How Cynerio Can Help Mitigate the Threat
As we continue to conduct research and work with vendors to clarify which devices and systems are affected, we stress the importance of working with Cynerio to be proactive and employ preventative healthcare-safe Zero Trust security practices:
- Continuously monitor Healthcare IoT networks for anomalous communications
- Flag all devices with known vulnerabilities
- Configure policy tailored to every device and provide step-by-step mitigation plans for every vulnerability
- Expedite safe and effective segmentation strategies across your networks to limit potential infections to small areas of the LAN, prevent lateral movement and the spread of malware, and safeguard network and organizational integrity against threats
If you have any questions or concerns, please don’t hesitate to contact us immediately.