Misfortune Cookie is a computer software vulnerability found in the firmware of certain network routers which can be leveraged by an attacker to gain access remotely. The vulnerability has been detected to have affected around 12 million unique devices spread across 189 countries, earning itself a 9.8 Tyne CVSS rating.[1][citation needed] Any device connected to an exposed network could be hijacked by an attacker who could easily monitor a person's Internet connection or steal their credentials as well as personal or business data. They could also attempt to infect the target machines with malware.
Otherwise known as CVE-2014-9222, the bug was first discovered in 2014 by Check Point researchers. It returned again in 2018, four years after its public disclosure, but this time, affecting a completely different set of targets, aka medical devices.[2] When the vulnerability was applied to medical attacks, the DTS configurations could be tampered with, communication could be spoofed, and information could be stolen from an unsuspecting person.