Over 200 million devices vulnerable to remote
The operating system that may be controlling everything
from elevators, medical equipment, and other mission-critical systems is
vulnerable to attacks that give attackers complete control of the device.
Researchers found that it accounts for about 200 million internet-connected
Researchers with security firm Armis identified 11
vulnerabilities in various versions of VxWorks, a slimmed-down operating
system. VxWorks runs on more than 2 billion devices worldwide.
None of the 11 urgent vulnerabilities affect the most
recent version of VxWorks, or any of the certified versions of the OS,
including VxWorks 653 or VxWorks Cert edition.
The stakes are high for the 200 million devices that are
running a version that’s susceptible to a serious attack. Many of the
vulnerabilities reside in the networking stack known as IPnet, which can often
be exploited by little more than booby-trapping packets sent from the internet.
Depending on the vulnerability, exploits may be able to go
so far as to penetrate firewalls and other types of network defenses.
Of course, the direst of the scenarios would be attacks
that chain together multiple exploits that can then trigger the remote takeover
of multiple devices.
Armis researchers wrote in a technical overview that, “Such vulnerabilities do not require any adaptations for the
various devices using the network stack, making them exceptionally easy to
spread. In most operating systems, such fundamental vulnerabilities in the
crucial networking stacks have become extinct, after years of scrutiny
unraveled and mitigated such flaws.”
Wind River, the company that makes the VxWorks
operating system, believes that the number of affected devices is lower than
the 200 million estimated by Armis.
They have stated that the affected devices are
primarily non-critical devices such as modems, routers, and printers, as well
as some industrial and medical devices that reside at the perimeter of
organizations’ networks and are exposed to the internet.
Wind River issued patches recently and is in
the process of notifying affected customers of the threat.
The challenge for customers using devices that
run the VxWorks OS will be to locate the devices and then to take them off-line
so that they can be updated. As a lot of the affected devices could be
specialty equipment, it can affect a company that needs the machinery to be
Either way, as this is a very serious threat,
figuring out which operating system vital business machines are running should
be a top priority. Organizations using devices that run on VxWorks need to make
sure they’re not on a vulnerable version of the software.
if we can be of help with your network or computer, give us a call here at
RHYNO Networks. (855) 749-6648