A new variant of the network address translation (NAT) Slipstreaming attack has been uncovered. It can be leveraged by remote hackers to compromise and expose any device in an internal network, even if they do not have access to the internet.
According to the enterprise IoT security firm Armis, the new attack – CVE-2020-16043 and CVE-2021-23961 – can bypass firewalls and routers to reach any unmanaged device within the internal network from the internet.
Vulnerable devices that could be exposed due to this attack include industrial controllers, office printers, IP cameras, and unauthenticated interfaces that could be exploited when the NAT/firewall is tricked into opening network traffic to the victim device.
To Read More: TheHackerNews
