Security researchers have discovered vulnerabilities in a popular operating system aimed at IoT devices that could enable attackers to crash connected devices in critical infrastructure systems and smart homes.
Researchers at IT security firm Zimperium discovered there are around 13 flaws in the FreeRTOS operating system that could let hackers crash devices, leak data or remotely execute code on them, allowing the devices to be compromised.
The flaws impact FreeRTOS V10.0.1 and below (with FreeRTOS+TCP), and AWS FreeRTOS V1.3.1 and below.
FreeRTOS has been ported to over 40 hardware platforms over the last 14 years, according to Zimperium researcher Ori Karliner. In November 2017, Amazon Web Services (AWS) took stewardship for the FreeRTOS kernel and its components.
He said that AWS FreeRTOS aims to provide a fully-enabled IoT platform for microcontrollers, by bundling the FreeRTOS kernel together with the FreeRTOS TCP/IP stack, modules for secure connectivity, over the air updates, code signing, AWS cloud support, and more.
"During our research, we discovered multiple vulnerabilities within FreeRTOS's TCP/IP stack and in the AWS secure connectivity modules. The same vulnerabilities are present in WHIS Connect TCP/IP component for OpenRTOS\SafeRTOS," explained Karliner.
"These vulnerabilities allow an attacker to crash the device, leak information from the device's memory, and remotely execute code on it, thus completely compromising it."
The bugs include four remote code execution bugs (CVE-2018-16522, CVE-2018-16525, CVE-2018-16526, and CVE-2018-16528); seven information leak vulnerabilities (CVE-2018-16524, CVE-2018-16527, CVE-2018-16599, CVE-2018-16600, CVE-2018-16601, CVE-2018-16602, CVE-2018-16603) one denial of service flaw (CVE-2018-16523) and an unspecified flaw (CVE-2018-16598).
Karliner said the bugs were disclosed to Amazon who collaborated with them to create patches for the bugs. These patches were deployed for AWS FreeRTOS versions 1.3.2 and onwards.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Should your business start a bug bounty program?In-depth Big tech firms including Google, Apple and Microsoft offer bug bounty programs, but can they benefit smaller businesses too?
-
OpenAI to pay up to $20k in rewards through new bug bounty programNews The move follows a period of unrest over data security concerns
-
Windows 11 System Restore bug preventing users from accessing appsNews Microsoft has issued a series of workarounds for the issue which is affecting a range of apps including Office and Terminal
-
Windows 10 users encounter ‘blue screen of death’ after latest Patch Tuesday updateNews Microsoft said it is working on a fix for the issue and has offered users a temporary workaround
-
SpaceX bug bounty offers up to $25,000 per Starlink exploitNews The spacecraft manufacturer has offered white hats immunity to exploit a wide range of Starlink systems, with a dedicated report page
-
Microsoft announces lucrative new bug bounty awards for M365 products and servicesNews The new awards will focus on scenario-based weaknesses and offer bonuses of up to 30% for the most severe bugs
-
Adobe forced to patch its own failed security updateNews Company issues new fix for e-commerce vulnerability after researchers bypass the original update
-
Google doubles bug bounty rewards for Linux, Kubernetes exploitsNews The increased rewards are said to align better with the community's expectations of a bug bounty programme of this kind
