Wind River, the company that built and maintains the VxWorks operating system has released patches to its partners and customers. Such an attack has a severe potential, resembling that of the EternalBlue vulnerability, used to spread the WannaCry malware." "These devastating traits make these vulnerabilities 'wormable,' meaning they can be used to propagate malware into and within networks. "URGENT/11 is serious as it enables attackers to take over devices with no user interaction required, and even bypass perimeter security devices such as firewalls and NAT solutions," the Armis researchers said in their report. The flaws are located in the operating system's TCP/IP stack, a core component that handles network communications, and six of them can result in remote code execution (RCE). Researchers from IoT security firm Armis, who found the vulnerabilities, dubbed them URGENT/11 due to their widespread impact. Many of the flaws allow attackers to take over devices remotely by just sending network packets, which make them particularly dangerous. Researchers have found 11 serious vulnerabilities in VxWorks, the world's most popular real-time operating system (RTOS) that powers over 2 billion devices including enterprise network firewalls and routers, industrial controllers and medical equipment.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |