Researchers earlier this week have found bugs within a popular Internet of Things real-time operating system – FreeRTOS – is riddled with serious vulnerabilities. The bug allows potential hackers to crash IoT devices, leak their information, and completely take them over.
The vulnerability allows hackers to crash connected devices in smart homes or critical infrastructure systems, take them over, and leak information from the devices’ memory. The critical vulnerability is one of the most popular embedded real-time operating systems (FreeRTOS), exposing a wide range of IoT devices and critical infrastructure systems to hackers. And whilst patches have been issued, researchers warn that it still may take time for smaller vendors to update.
Researcher Ori Karliner, with Zimperium’s zLabs team, recently analyzed some of the leading operating systems in the IoT market – including FreeRTOS, an open-source OS specifically designed for the microcontrollers that are within IoT devices. Within several versions of FreeRTOS, Karliner found 13 vulnerabilities enabling an array of attacks, including remote code execution, information leak and denial-of-service bugs.
What is FreeRTOS (Amazon, WHIS OpenRTOS, SafeRTOS)?
A Real-Time Operating System is an operating system that is optimised for use in embedded/real-time applications. Their primary objective is to ensure a timely and deterministic response to events. An event can be external, like a limit switch being hit, or internal like a character being received.
Using a real-time operating system allows a software application to be written as a set of independent tasks. Each task is assigned a priority and it is the responsibility of the Real-Time Operating System to ensure that the task with the highest priority that is able to run is the task that is running. Examples of when a task may not be able to run include when a task is waiting for an external event to occur, or when a task is waiting for a fixed time period.
Since late last year, FreeRTOS project is being managed by Amazon, who created Amazon FreeRTOS (a:FreeRTOS) IoT operating system for microcontrollers by upgrading FreeRTOS kernel and some of its components.
Amazon enhanced FreeRTOS functionalities by adding modules for secure connectivity, over the air updates, code signing, AWS cloud support, and more.
Besides Amazon, WITTENSTEIN high integrity systems (WHIS) also maintains two variants of FreeRTOS—a commercial version of FreeRTOS called WHIS OpenRTOS, and a safety-oriented RTOS called SafeRTOS, for use in safety-critical devices.
Vulnerabilities and Affective Patches:
Ori Karliner, a security researcher at Zimperium Security Labs (zLabs), discovered a total of 13 vulnerabilities in FreeRTOS’s TCP/IP stack that also affect its variants maintained by Amazon and WHIS, as shown below:
he vulnerabilities specifically exist in FreeRTOS’s TCP/IP stack and in the AWS secure connectivity modules (in as well as in the WHIS Connect TCP/IP component for OpenRTOS\SafeRTOS).
Zimperium responsibly reported the vulnerabilities to Amazon, and the company yesterday deployed security patches for AWS FreeRTOS versions 1.3.2 and onwards (latest v1.4.2).
“We also received confirmation from WHIS that they were exposed to the same vulnerabilities, and those were patched together with Amazon,” zLabs says.
To allow smaller vendors to patch the issues before attackers try to leverage them, zLabs has decided not to disclose technical details of these vulnerabilities to the public for at least a month. If you require any assistance please contact us as soon as possible.
Other Articles You May Enjoy:
- Understanding Cloud Backup in Office 365
- 2018 Guide: Integrating Cloud Into Your Business
- Microsoft Fixes Critical Vulnerability In October Patch Release
- How To Get The Best Out Of Your MSP