Diagram of attack scenario (Source: Forescout and JSOF) Forescout Research Labs and the Israeli security firm JSOF have found nine Domain Name System vulnerabilities affecting four TCP/IP stacks that, if exploited, could lead to remote code execution or denial-of-service attacks - potentially on millions of devices. The group of vulnerabilities, dubbed Name:Wreck, affects the FreeBSD, IPNet, NetX and Nucleus NET stacks. The widespread use of these stacks, together with external exposure of the vulnerable DNS clients, could dramatically increase the attack surface for organizations, JSOF says. "Organizations in the healthcare and government sectors are in the top three most affected for all three stacks," Forescout says. "If we conservatively assume that 1% of the more than 10 billion deployments … are vulnerable, we can estimate that at least 100 million devices [could potentially be] impacted by Name:Wreck."