The FreeRTOS Vulnerability Disaster

Internet of things

The FreeRTOS Vulnerability Disaster- New vulnerabilities have been discovered in FreeRTOS, the open-source operating system that runs most of the small microprocessors and microcontrollers used in many IoT hardware items.

The flaws are in the TCP/IP stack, and they affect FreeRTOS.

The versions affected

FreeRTOS V10.0.1 (with FreeRTOS+TCP), AWS FreeRTOS V1.3.1, OpenRTOS, and SafeRTOS (with WHIS Connect middleware TCP/IP components) are all affected.

Why is this such a calamity?

Many IoT devices run on FreeRTOS. These gadgets are frequently low-cost and difficult to patch. Many of these gadgets, in fact, have firmware that hasn’t been updated in years.

Fitness trackers, temperature monitors, appliances, cars, door locks, water metres, and a variety of other small devices are examples of goods that use FreeRTOS. The devices that use TCP/IP are the ones that are vulnerable. This indicates that the gadgets are internet-capable.

Because these devices are connected, we can assume that they can be patched as well.

Will they, however, succeed?

Probably not. As a result, this is a vulnerability that could be exploited for years to come.

Get into the Cyber Security Career now!

The following is a complete list of the vulnerabilities that affect FreeRTOS, along with their identifiers:

CVE-2018-16522 Remote Code Execution
CVE-2018-16525 Remote Code Execution
CVE-2018-16526 Remote Code Execution
CVE-2018-16528 Remote Code Execution
CVE-2018-16523 Denial of Service
CVE-2018-16524 Information Leak
CVE-2018-16527 Information Leak
CVE-2018-16599 Information Leak
CVE-2018-16600 Information Leak
CVE-2018-16601 Information Leak
CVE-2018-16602 Information Leak
CVE-2018-16603 Information Leak
CVE-2018-16598 Other
Nmap 7.80 DEF CON Release: First Stable Version in Over a Year


Previous Post
What is the Best Alternative To Cable TV in the USA

What’s the Best Alternative To Cable TV in the USA?

Next Post

Interesting Cyber Crime Stories

Related Posts