The vulnerabilities the same across all nine stacks involve the manner in which the so-called Initial Sequence Number (ISN) is generated.
The ISN ensures that every TCP connection is unique, that there are no collisions with other connections, and that no third party can interfere with an ongoing connection. To guarantee this, the ISN is randomly generated so no one can guess the number and use it to hijack an ongoing connection or spoof a new one.
Forescout s analysis showed problems with the manner in which the TCP/IP stacks that were analyzed generate the ISNs. In nine of the 11 stacks, the ISNs were improperly generated, leaving the connections open to attacks. In some cases, the numbers were predictable, and in others, the problem had to do with the underlying algorithm. In other cases, the numbers had constant increments, while others used a combination of values that could be inferred, Forescout said in its report.