Information Security News mailing list archives
AWS FreeRTOS vulnerabilities could crash IoT devices, warn cyber security researchers
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 24 Oct 2018 05:40:58 +0000 (UTC)
http://www.itpro.co.uk/bugs/32164/aws-freertos-vulnerabilities-could-crash-iot-devices-warn-cyber-security-researchers By Rene Millman IT Pro October 22, 2018Security researchers have discovered vulnerabilities in a popular operating system aimed at IoT devices that could enable attackers to crash connected devices in critical infrastructure systems and smart homes.
Researchers at IT security firm Zimperium discovered there are around 13 flaws in the FreeRTOS operating system that could let hackers crash devices, leak data or remotely execute code on them, allowing the devices to be compromised.
The flaws impact FreeRTOS V10.0.1 and below (with FreeRTOS+TCP), and AWS FreeRTOS V1.3.1 and below.
FreeRTOS has been ported to over 40 hardware platforms over the last 14 years, according to Zimperium researcher Ori Karliner. In November 2017, Amazon Web Services (AWS) took stewardship for the FreeRTOS kernel and its components.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- AWS FreeRTOS vulnerabilities could crash IoT devices, warn cyber security researchers InfoSec News (Oct 23)