[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] AWS FreeRTOS vulnerabilities could crash IoT devices, warn cyber security researchers
From: InfoSec News <alerts () infosecnews ! org>
Date: 2018-10-24 5:40:58
Message-ID: alpine.DEB.2.20.1810240540470.9150 () ip-172-30-0-239 ! ec2 ! internal
[Download RAW message or body]
http://www.itpro.co.uk/bugs/32164/aws-freertos-vulnerabilities-could-crash-iot-devices-warn-cyber-security-researchers
By Rene Millman
IT Pro
October 22, 2018
Security researchers have discovered vulnerabilities in a popular
operating system aimed at IoT devices that could enable attackers to crash
connected devices in critical infrastructure systems and smart homes.
Researchers at IT security firm Zimperium discovered there are around 13
flaws in the FreeRTOS operating system that could let hackers crash
devices, leak data or remotely execute code on them, allowing the devices
to be compromised.
The flaws impact FreeRTOS V10.0.1 and below (with FreeRTOS+TCP), and AWS
FreeRTOS V1.3.1 and below.
FreeRTOS has been ported to over 40 hardware platforms over the last 14
years, according to Zimperium researcher Ori Karliner. In November 2017,
Amazon Web Services (AWS) took stewardship for the FreeRTOS kernel and its
components.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic