Update: VxWorks OS vulnerable to Urgent/11 - could lead to a WannaCry-like situation

A series of vulnerabilities has been discovered in some implementations of the real-time operating system (RTOS) VxWorks, which is used in more than two billion devices in sectors such as health care, transportation, aviation and other industrial operations. Dubbed Urgent/11, these could lead to a WannaCry-like situation if exploited by malicious actors, say researchers.

"Urgent/11 vulnerabilities affect several devices we can find in our daily lives, especially in healthcare. In fact, VxWorks is an operating system commonly used in real-time devices like MRI machines and patient monitors. Attacking these kinds of devices can lead to critical impacts like changing the behaviour of those devices and providing wrong information to doctors/patients," Alessandro Di Pinto, security research manager at Nozomi Networks, told SC Media UK.

First reported and analysed by Armis and further probed by Wind River, the vulnerabilities are particularly notable because they allow attackers to take over devices without user interaction.

"Urgent/11 is serious as it enables attackers to take over devices with no user interaction required, and even bypass perimeter security devices such as firewalls and NAT solutions. These devastating traits make these vulnerabilities ‘wormable,’ meaning they can be used to propagate malware into and within networks," said the Armis report, adding: "Such an attack has a severe potential, resembling that of the EternalBlue vulnerability, used to spread the WannaCry malware." 

 
