Data: CASIE
Negative Trigger
their
information
,
and
completely
take
them
over
.
Researchers
have found
Vulnerability-related.DiscoverVulnerability
that
a
popular
Internet
of
Things
real-time
operating
system
–
FreeRTOS
–
is
riddled
with
serious
vulnerabilities
.
The
bugs
could
allow
hackers
to
crash
connected
devices
in
smart
homes
or
critical
infrastructure
systems
,
leak
Attack.Databreach
information
from
the
devices
’
memory
,
and
take
them
over
.
And
while
patches
have been issued
Vulnerability-related.PatchVulnerability
,
researchers
warn
that
it
still
may
take
time
for
smaller
vendors
to
update
Vulnerability-related.PatchVulnerability
.
Researcher
Ori
Karliner
,
with
Zimperium
’
s
zLabs
team
,
recently
analyzed
some
of
the
leading
operating
systems
in
the
IoT
market
–
including
FreeRTOS
,
an
open-source
OS
specifically
designed
for
the
microcontrollers
that
are
within
IoT
devices
.
Within
several
versions
of
FreeRTOS
,
Karliner
found
Vulnerability-related.DiscoverVulnerability
13
vulnerabilities
enabling
an
array
of
attacks
,
including
remote
code
execution
,
information
leak
and
denial-of-service
bugs
.
“
During
our
research
,
we
discovered
Vulnerability-related.DiscoverVulnerability
multiple
vulnerabilities
within
FreeRTOS
’
s
TCP/IP
stack
and
in
the
AWS
secure
connectivity
modules
.
The
same
vulnerabilities
are present in
Vulnerability-related.DiscoverVulnerability
WHIS
Connect
TCP/IP
component
for
OpenRTOS\SafeRTOS
,
”
according
to
a
Thursday
post
by
zLabs
.
The
vulnerabilities
specifically
exist in
Vulnerability-related.DiscoverVulnerability
FreeRTOS
’
s
TCP/IP
stack
and
in
the
AWS
secure
connectivity
modules
(
in
as
well
as
in
the
WHIS
Connect
TCP/IP
component
for
OpenRTOS\SafeRTOS
)
.
These
vulnerabilities
include
four
remote
code
execution
bugs
(
CVE-2018-16522
,
CVE-2018-16525
,
CVE-2018-16526
,
and
CVE-2018-16528
)
;
seven
information
leak
vulnerabilities
(
CVE-2018-16524
,
CVE-2018-16527
,
CVE-2018-16599
,
CVE-2018-16600
,
CVE-2018-16601
,
CVE-2018-16602
,
CVE-2018-16603
)
one
denial
of
service
flaw
(
CVE-2018-16523
)
and
a
final
(
CVE-2018-16598
)
that
was
unspecified
.
zLabs
said
Vulnerability-related.DiscoverVulnerability
it
has disclosed
Vulnerability-related.DiscoverVulnerability
the
security
issues
to
Amazon
and
collaborated
with
them
to
patch
Vulnerability-related.PatchVulnerability
the
vulnerabilities
.
Those
fixes
were deployed
Vulnerability-related.PatchVulnerability
for
AWS
FreeRTOS
versions
1.3.2
and
onwards
.
The
vulnerabilities
in
RTOS
WHIS
were
also
patched
Vulnerability-related.PatchVulnerability
.
Amazon
did
not
respond
to
a
request
for
comment
from
Threatpost
.
Due
to
the
amount
of
vendors
impacted
Vulnerability-related.DiscoverVulnerability
by
the
bugs
,
the
researchers
said
Vulnerability-related.DiscoverVulnerability
that
they
would
hold off on publishing
Vulnerability-related.DiscoverVulnerability
further
details
until
all
holes
have been sealed
Vulnerability-related.PatchVulnerability
.
The
technical
details
of
security
vulnerabilities
impacting
Vulnerability-related.DiscoverVulnerability
the
Nvidia
Video
and
an
Android
driver
have been revealed
Vulnerability-related.DiscoverVulnerability
by
Zimperium
,
which
acquired
the
flaws
as
part
of
an
exploit
acquisition
program
.
On
Tuesday
,
Zimperium
zLabs
researchers
published
Vulnerability-related.DiscoverVulnerability
a
blog
post
detailing
the
security
flaws
,
two
escalation
of
privilege
bugs
found
Vulnerability-related.DiscoverVulnerability
within
the
NVIDIA
Video
driver
and
MSM
Thermal
driver
.
The
Nvidia
bug
,
CVE-2016-2435
,
impacts
Vulnerability-related.DiscoverVulnerability
Android
6.0
on
the
Nexus
9
handset
.
The
problem
arises
Vulnerability-related.DiscoverVulnerability
when
attackers
craft
an
application
to
tamper
with
read/write
memory
values
and
force
privilege
escalation
.
The
second
security
flaw
,
CVE-2016-2411
,
involves
Vulnerability-related.DiscoverVulnerability
a
Qualcomm
power
management
kernel
driver
,
the
MSM
Thermal
driver
,
in
Android
version
6
.
If
an
attacker
crafts
a
malicious
application
,
they
can
give
themselves
root
access
through
an
internal
bug
in
the
driver
,
leading
to
privilege
escalation
.
These
bugs
are well documented
Vulnerability-related.DiscoverVulnerability
,
known
Vulnerability-related.DiscoverVulnerability
,
and
for
the
most
part
security
updates
have been issued
Vulnerability-related.PatchVulnerability
.
However
,
Zimperium
says
Vulnerability-related.DiscoverVulnerability
that
making
the
technical
details
available
of
these
so-called
Vulnerability-related.DiscoverVulnerability
``
N-day
''
flaws
is
important
and
can
act
as
a
catalyst
to
boost
the
speed
of
patch
production
and
to
iron
out
problems
arriving
between
a
patch
being created
Vulnerability-related.PatchVulnerability
and
vendors
distributing
Vulnerability-related.PatchVulnerability
the
update
in
good
time
.
In
February
,
Zimperium
launched
Vulnerability-related.DiscoverVulnerability
an
N-day
acquisition
program
which
is
only
interested
in
known
security
problems
,
rather
than
unknown
and
unpatched
zero-days
.
Over
the
next
year
,
the
exploit
purchaser
is
budgeting
a
total
of
$
1.5
million
to
pick
up
the
details
on
these
exploits
.
Once
a
bug
has been discovered
Vulnerability-related.DiscoverVulnerability
and
a
fix
is being worked on
Vulnerability-related.PatchVulnerability
,
an
N-day
exploit
indicates
a
time
of
one
or
more
days
in
which
user
systems
can
be
compromised
until
a
security
update
is issued
Vulnerability-related.PatchVulnerability
.
``
By
focusing
on
N-days
,
or
patched
vulnerabilities
,
Zimperium
is
applying
pressure
on
the
mobile
ecosystem
to
re-think
how
and
when
users
receive
Vulnerability-related.PatchVulnerability
security
updates
,
''
the
company
said
at
the
time
.
``
[
The
]
program
will
reward
the
hard
work
of
researchers
who
would
n't
otherwise
receive
compensation
for
an
N-day
exploit
.
''