Submitted via IRC for Carny
Wind River has patched 11 security vulnerabilities in VxWorks that can be potentially exploited over networks or the internet to commandeer all sorts of equipment dotted around the planet.
This real-time operating system powers car electronics, factory robots and controllers, aircraft and spacecraft, wireless routers, medical equipment, digital displays, and plenty of other stuff – so if you deploy a vulnerable version of VxWorks, and it is network or internet-connected, you definitely want to check this out.
This set of bugs seemingly primarily affects things like printers and gateways, we must point out.
The vulnerabilities, discovered by security outfit Armis, can be exploited to leak internal device information, crash gadgets, and – in more than half of the flaws – execute malicious code on machines. It is estimated that VxWorks runs on two billion devices as an embedded OS, though Armis reckoned 200 million gizmos are actually potentially affected. Wind River told El Reg it reckons that second figure, as an estimate, is too high.
According to Armis [PDF] today, all 11 of the vulnerabilities (dubbed Urgent/11 for marketing purposes) are found in the VxWorks TCP/IP stack, IPnet. Bear in mind, this stack can be found in non-VxWorks systems: Wind River acquired it in 2006 when it bought Interpeak, which had licensed its code to other real-time operating system makers.
As such, an attacker needs network access to a vulnerable device, either on a LAN or over the internet if for some reason the gadget is public facing. VxWorks version 6.5 or higher, released circa 2006, with IPnet is vulnerable, except VxWorks 7 SR0620, which is the latest build: it contains patches that fix the aforementioned holes, and was released on July 19 following Armis' discovery of the blunders. Safety-certified flavors of the OS, such as VxWorks 653 and VxWorks Cert Edition are said to be unaffected.
"As each vulnerability affects a different part of the network stack, it impacts a different set of VxWorks versions," Armis researchers Ben Seri, Gregory Vishnepolsky, and Dor Zusman said in a write-up. "As a group, URGENT/11 affect VxWorks' versions 6.5 and above with at least one remote code execution vulnerability affecting each version."
Should a miscreant be able to connect to a vulnerable VxWorks device, they would potentially be able to send packets that could exploit any of the six critical flaws (CVE-2019-12256, CVE-2019-12255, CVE-2019-12260, CVE-2019-12261, CVE-2019-12263, CVE-2019-12257) to gain remote code execution, thus leading to a complete takeover of the hardware.
(Score: 2) by All Your Lawn Are Belong To Us on Thursday August 01 2019, @02:26PM
Code monkey like FreeRTOS!
Sorry....
This sig for rent.