A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise and expose any device in an internal network, according to the latest research.
Detailed by enterprise IoT security firm Armis, the new attack (CVE-2020-16043 and CVE-2021-23961) builds on the previously disclosed technique to bypass routers and firewalls and reach any unmanaged device within the internal network from the Internet.
First disclosed by security researcher Samy Kamkar in late October 2020, the JavaScript-based attack relied on luring a user into visiting a malicious website to circumvent browser-based port restrictions and allow the attacker to remotely access TCP/UDP services on the victim's device, even those that were protected by a firewall or NAT.
Although partial mitigations were released on November 11 to thwart the attack in Chrome 87, Firefox 84, and Safari by preventing connections on port 5060 or 5061, Armis researchers Ben Seri and Gregory Vishnipolsky revealed that "NAT Slipstreaming 2.0" puts "embedded, unmanaged, devices at greater risk, by allowing attackers to expose devices located on internal networks, directly to the ..
Support the originator by clicking the read the rest link below.
