There's a new network security threat to be aware of, and it affects one of the world's most widely used operating systems, VXWorks. In fact, VxWorks is so commonly used, it powers more than 2 billion devices around the world, including firewalls, printers, elevators, Boeing 787s, and more. Armis, a Califonia-based enterprise IoT security company, describes it as "the most widely used operating system you have likely never heard about." They recently discovered 11 zeroday vulnerabilities within it, with an estimate that more than 200 million devices or networks can now be easily compromised.

What does this mean for you?

If your organization has any devices that utilize VxWorks, it is possible that malicious actors can very easily compromise your devices or network. A number of the vulnerabilities discovered were classified as critical Remote Code Execution (RCE), which means that the attacker can exploit remotely – likely with zero knowledge of your network topology, zero phishing emails, and minimal effort.

Here's a real-world example of how an attacker can easily gain access to your entire network in a matter of minutes through a vulnerable Dell SonicWall firewall:

And this is just a single example of the harm that can be caused by the disclosed vulnerabilities. Armis disclosed two more real-world examples of the damage that can be caused by the vulnerabilities. An externally networked printer, for example, could be used to access devices that have no external connection of their own. Or even worse, a hospital's biometric patient monitor could be compromised to display false vitals, or even eliminate critical alarms, leading to life-threatening consequences.

What should you do?

We recommend that you work with your internal IT team or managed service provider (MSP) to patch your devices immediately. A limited list of vendors who may have been affected and have patches available are listed below. (1)

Official VxWorks security advisory notice: https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/security-advisory-ipnet/

 

Questions about VxWorks vulnerabilities? Connect with our team by setting up a free appointment.