Networked Energy Services Products Unaffected by AMNESIA:33 TCP Vulnerability
San Jose, CA, December 9th, 2020: On December 8th, 2020, Forescout1 disclosed 33 software security vulnerabilities affecting millions of embedded devices worldwide. This bundle of vulnerabilities is called AMNESIA:33. They were found in four open-source TCP/IP stacks; 4 of the vulnerabilities are considered critical.
NES has immediately conducted a review of its products and solutions and can confirm that they are unaffected by AMNESIA:33 vulnerabilities. AMNESIA:33 applies to four specific implementations of the TCP/IP stack. NES products do not use these stacks.
NES can also confirm that the Open Smart Grid Protocol (OSGP), that it employs in its meters, does not utilize these TCP/IP stacks and so is unaffected.
NES takes all aspects of the security of its products very seriously. This includes the responsibility for brisk disclosure of any identified security vulnerabilities to customers and partners. Cyber-security is of growing concern in the utilities sector and especially in Smart Grids.
About Networked Energy Services Corporation (NES)
Networked Energy Services Corporation is a global smart energy leader in the worldwide transformation of the electricity grid into an energy control network, enabling utilities to provide their customers with a more efficient and reliable service, to protect their systems from current and emerging cybersecurity threats, and to offer innovative new services that enable active, intelligent use of energy. NES was formed as a result of the spinoff of Echelon Corporation’s Grid Modernization Division in October 2014. NES is headquartered in the US with R&D centers located in Silicon Valley and Poland, and sales offices throughout the world. NES’ smart grid technology is used in nearly 40 million smart meters and other smart end devices around the world. NES is a member of the OSGP Alliance, a global association of utilities and smart grid companies, which promotes the Open Smart Grid Protocol and cooperates to provide utilities greater value by enabling true, independently-certified, multi-vendor interoperability based upon open international specifications and standards. You can find out more information about NES, its Patagonia Energy Applications PlatformTM (including grid management software, distributed control nodes, and smart meters) and services at: www.networkedenergy.com.