AMNESIA:33. (BSA-2020-1167)
21596
20 March 2023
09 December 2020
CLOSED
N/A
N/A
N/A
CVE-2020-17440, CVE-2020-17441, CVE-2020-17443, CVE-2020-13987, CVE-2020-17442, CVE-2020-13986, CVE-2020-13984, CVE-2020-13988, CVE-2020-17439, CVE-2020-17445, CVE-2020-17444, CVE-2020-13985, CVE-2020-17468, CVE-2020-17467, CVE-2020-17469, CVE-2020-24337, CVE-2020-24341, CVE-2020-24383, CVE-2020-24336, CVE-2020-24340, CVE-2020-17470, CVE-2020-24339, CVE-2020-24338, CVE-2020-17438, CVE-2020-24334, CVE-2020-25108, CVE-2020-25109, CVE-2020-25112, CVE-2020-17437, CVE-2020-25107, CVE-2020-25110, CVE-2020-25111
Summary
Security Advisory ID: BSA-2020-1167
Component: Open source TCP/IP stacks.
Revision: 1.1
Forescout Research Labs discovered 33 vulnerabilities impacting millions of IoT, OT, and IT devices that present an immediate risk for organizations worldwide. These vulnerabilities are named AMNESIA:33.
Detailed information can also be found at:
- https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01
- https://www.forescout.com/act-now-to-identify-and-mitigate-risks-posed-by-33-new-memory-corrupting-vulnerabilities/
- https://kb.cert.org/vuls/id/815128
Products Confirmed Not Vulnerable
No Brocade Fibre Channel Products from Broadcom products are currently known to be affected by these vulnerabilities.
Note: Brocade Manageability products are not vulnerable to AMNESIA:33. However, since the environment that runs the products is not under Brocade's control, Brocade recommends Customers apply recommendations from the vendors.
Revision History
| Version | Change | Date |
|---|---|---|
| 1.0 | Initial Publication | December 09, 2020 |
| 1.1 | Removed duplicate entry for CVE-2020-24340 | February 16, 2023 |