42 matches found
Vulnerabilities fixed in Microsoft Azure
Vulnerabilities have been fixed in Microsoft Azure components. A malicious party could exploit the vulnerabilities to obtain elevated privileges, or to gain access to sensitive data in the context of the victim. Microsoft states for several of the vulnerabilities listed below to be in possession ...
Microsoft Azure Real Time Operating System 安全漏洞
Microsoft Azure Real Time Operating System Azure RTOS is an embedded development kit from Microsoft Corporation USA that includes a small but powerful operating system that delivers reliable, ultra-fast performance for resource-constrained devices. A security vulnerability exists in the Microsoft...
Zephyr Buffer Overflow Vulnerability (CNVD-2021-95615)
Zephyr is an open source, small, scalable, real-time operating system. buffer overflow vulnerability exists in Zephyr, which stems from a buffer overflow in the ZephyrUSB DFU DNLOAD. No detailed vulnerability details are currently available...
Zephyr integer underflow vulnerability
Zephyr is a small real-time operating system for interconnected, resource-constrained embedded devices. an integer underflow vulnerability in 6LoWPAN IPHC header decompression in Zephyr 2.4.0 and later can be exploited by attackers to cause out-of-bounds access in the Pv6 parsing logic...
Cars and hospital equipment running Blackberry QNX may be affected by BadAlloc vulnerability
Following an announcement by Blackberry the U.S. Food & Drug Administration FDA and the Cybersecurity & Infrastructure Security Agency CISA have put out alerts that vulnerabilities found in the Blackberry QNX real-time operating system RTOS may introduce risks for certain medical devices...
BadAlloc Flaw Affects BlackBerry QNX Used in Millions of Cars and Medical Devices
A major vulnerability affecting older versions of BlackBerry's QNX Real-Time Operating System RTOS could allow malicious actors to cripple and gain control of a variety of products, including cars, medical, and industrial equipment. The shortcoming CVE-2021-22156, CVSS score: 9.0 is part of a...
Unspecified Vulnerability in Zephyr
Zephyr is an open source, small, scalable real-time operating system from the Linux Foundation. Zephyr has a security vulnerability that stems from improper handling of insufficient permissions or privileges in Zephyr. No details of the vulnerability are available at this time...
Zephyr buffer overflow vulnerability (CNVD-2021-44932)
Zephyr is an open source, small, scalable real-time operating system. A security vulnerability exists in Zephyr versions >= v1.14.2 and >= v2.2.0, which stems from a lack of size checking in Bluetooth HCI on SPI. No details of the vulnerability are available at this time...
Unspecified vulnerability in Zephyr (CNVD-2021-95624)
Zephyr is an open source, small, scalable real-time operating system. Zephyr suffers from a security vulnerability that stems from the fact that when setup in conjunction with littlefs, MCUmgr can be used to extract all security-related information from the device. No details of the vulnerability...
Texas Instruments TI-RTOS-MCU 输入验证错误漏洞
The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. The Texas Instruments TI-RTOS-MCU has an input validation error vulnerability that originates from returning a valid pointer to a small buffer on a...
CISA Releases ICS Advisory on Real-Time Operating System Vulnerabilities
CISA has released Industrial Control Systems Advisory ICSA-21-119-04 Multiple RTOS to provide notice of multiple vulnerabilities found in real-time operating systems RTOS and supporting libraries. Successful exploitation of these vulnerabilities could result in unexpected behavior such as a crash...
Siemens Nucleus Products IPv6 Stack Denial of Service Vulnerability
The Nucleus NET module includes a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device.Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for...
Pwning a Siemens Scalance ICS switch through ARM reversing
We’ve been working in industrial control systems security for a long time. Several of the team here used to work in OT control rooms or support SCADA environments. Whilst pen testing a ship control system, we noticed a heavy reliance on Siemens Scalance industrial ethernet switches, so bought a...
VxWorks is facing severe RCE attack risk-vulnerability warning-the black bar safety net
Armis research team in the VxWorks discovered 11 zero-day vulnerabilities, VxWorks may be the most widely used of theoperating system. VxWorks is more than 20 million devices in use, including critical industrial, medical and business equipment. Called the“URGENT/11,”the vulnerability exists in t...
PT-2019-18718 · Interpeak +1 · Interpeak Ipwebs +1
Name of the Vulnerable Software and Affected Versions: Interpeak IPWEBS on Green Hills INTEGRITY RTOS version 5.0.4 Description: The issue is related to the allocation of 60 bytes for the HTTP Authentication header in Interpeak IPWEBS on Green Hills INTEGRITY RTOS. When copying this header to...
PT-2019-18715 · Interpeak +1 · Interpeak Ipcomshell +1
Name of the Vulnerable Software and Affected Versions: Green Hills INTEGRITY RTOS version 5.0.4 Description: An issue was discovered in the Interpeak IPCOMShell TELNET server. The undocumented shell command "prompt" sets the shell's prompt value, which is used as a format string input to printf,...
This MicroSD Card Has Entire Secure Computer Inside It
As Millions of Hackers, Spammers and Scammers are after your sensitive online data, you can't really expect your passwords to stay secure forever, even if you are using long passwords. Most of us might be worried about losing our passwords as we keep signing up for online services. However, Googl...
qconn-exec NSE Script
Attempts to identify whether a listening QNX QCONN daemon allows unauthenticated users to execute arbitrary operating system commands. QNX is a commercial Unix-like real-time operating system, aimed primarily at the embedded systems market. The QCONN daemon is a service provider that provides...
QNX Real-Time Operating System (RTOS) Detection
Binary data 6958.prm...
QNX Real-Time Operating System (RTOS) Detection
Binary data 6959.prm...