Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

AWS FreeRTOS vulnerabilities could crash IoT devices, warn cyber security researchers

From: InfoSec News <alerts () infosecnews org>
Date: Wed, 24 Oct 2018 05:40:58 +0000 (UTC)
http://www.itpro.co.uk/bugs/32164/aws-freertos-vulnerabilities-could-crash-iot-devices-warn-cyber-security-researchers

By Rene Millman
IT Pro
October 22, 2018
Security researchers have discovered vulnerabilities in a popular operating system aimed at IoT devices that could enable attackers to crash connected devices in critical infrastructure systems and smart homes.
Researchers at IT security firm Zimperium discovered there are around 13 flaws in the FreeRTOS operating system that could let hackers crash devices, leak data or remotely execute code on them, allowing the devices to be compromised.
The flaws impact FreeRTOS V10.0.1 and below (with FreeRTOS+TCP), and AWS FreeRTOS V1.3.1 and below.
FreeRTOS has been ported to over 40 hardware platforms over the last 14 years, according to Zimperium researcher Ori Karliner. In November 2017, Amazon Web Services (AWS) took stewardship for the FreeRTOS kernel and its components. 

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: