[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] AWS FreeRTOS vulnerabilities could crash IoT devices, warn cyber security researchers
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2018-10-24 5:40:58
Message-ID: alpine.DEB.2.20.1810240540470.9150 () ip-172-30-0-239 ! ec2 ! internal
[Download RAW message or body]

http://www.itpro.co.uk/bugs/32164/aws-freertos-vulnerabilities-could-crash-iot-devices-warn-cyber-security-researchers

By Rene Millman
IT Pro
October 22, 2018

Security researchers have discovered vulnerabilities in a popular 
operating system aimed at IoT devices that could enable attackers to crash 
connected devices in critical infrastructure systems and smart homes.

Researchers at IT security firm Zimperium discovered there are around 13 
flaws in the FreeRTOS operating system that could let hackers crash 
devices, leak data or remotely execute code on them, allowing the devices 
to be compromised.

The flaws impact FreeRTOS V10.0.1 and below (with FreeRTOS+TCP), and AWS 
FreeRTOS V1.3.1 and below.

FreeRTOS has been ported to over 40 hardware platforms over the last 14 
years, according to Zimperium researcher Ori Karliner. In November 2017, 
Amazon Web Services (AWS) took stewardship for the FreeRTOS kernel and its 
components.

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
[prev in list] [next in list] [prev in thread] [next in thread]