FreeRTOS Has 13 Major Security Flaws
Research performed by Zimperium’s zLabs team uncovered 13 vulnerabilities that could be manipulated to leak information, crash devices, and even take control with remote code execution.
“During our research, we discovered multiple vulnerabilities within FreeRTOS’s TCP/IP stack and in the AWS secure connectivity modules. The same vulnerabilities are present in WHIS Connect TCP/IP component for OpenRTOSSafeRTOS,” shared zLabs in their report.
FreeRTOS and SafeRTOS “have been used in a wide variety of industries: IoT, Aerospace, Medical, Automotive, and more,” according to the company’s post.
“Due to the high risk nature of devices in some of these industries, zLabs decided to take a look at the connectivity components that are paired with these OS’s. Clearly, devices that have connectivity to the outside world are at a higher degree of risk of being attacked.”
These OS, being under the Amazon Web Services umbrella, are some of the most widely used IoT OS.
Organizations should check their environments immediately for any vulnerable devices. It’s no longer enough to detect Windows, Mac, and Linux devices. The IoT presents a whole arena of risks. Vulnerabilities can lurk unnoticed until it’s too late.
Syxsense is the solution that gives you a complete view of your environment.
The inventory scan feature will detect any device with an IP address, including IoT devices. To effectively secure your environment, you must know what’s actually in it.
Schedule Your Syxsense Demo
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.