13 vulnerabilities were discovered in the popular open-source operating system FreeRTOS, 4 of which are remote code execution vulnerabilities

Thirteen vulnerabilities were discovered in the popular open-source operating system FreeRTOS, four of which are remote code execution vulnerabilities. FreeRTOS is an open-source operating system for small microprocessors and microcontrollers, which are found in smart home and other critical infrastructure products. The vulnerabilities were discovered by security researcher Ori Karliner at Zimperium zLabs.

“During our research, we discovered multiple vulnerabilities within FreeRTOS’s TCP/IP stack and in the AWS secure connectivity modules. The same vulnerabilities are present in WHIS Connect TCP/IP component for OpenRTOS\SafeRTOS.”

Attackers can exploit these vulnerabilities to crash the device, extract information from device memory, and execute code remotely. In this way, attackers can completely compromise the device.

The flaws affect FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), AWS FreeRTOS up to V1.3.1, and WHIS OpenRTOS and SafeRTOS (with WHIS Connect middleware TCP/IP components).

The company reported the flaws to Amazon and cooperated with them to fix the issues. Patches were released for AWS FreeRTOS versions 1.3.2 and others. WHIS has also confirmed the vulnerabilities, and patches have been released.

Below is the list of vulnerabilities discovered by the company: CVE-2018-16522 (Remote code execution), CVE-2018-16525 (Remote code execution), CVE-2018-16526 (Remote code execution), CVE-2018-16528 (Denial of service), CVE-2018-16523 (Information leak), CVE-2018-16524 (Information leak), CVE-2018-16527 (Information leak), CVE-2018-16599 (Information leak), CVE-2018-16600 (Information leak), CVE-2018-16601 (Information leak), CVE-2018-16602 (Information leak), CVE-2018-16603 (Information leak), CVE-2018-16598 (Other).

"FreeRTOS and SafeRTOS have been used in a wide variety of industries: IoT, Aerospace, Medical, Automotive, and more. Due to the high risk nature of devices in some of these industries, zLabs decided to take a look at the connectivity components that are paired with these OS’s. Clearly, devices that have connectivity to the outside world are at a higher degree of risk of being attacked," the company said in its published post.