4 matches found
Fuzzing µC/OS protocol stacks, Part 3: TCP/IP server fuzzing, implementing a TAP driver
This is the final post in the three-part series that details techniques I used to fuzz two µC/OS protocol stacks: µC/TCP-IP and µC/HTTP-server. The first post highlighted code modifications necessary for developing a fuzzing harness tailored for the µC/HTTP-server. The second discussed a techniqu...
CISA Releases Security Advisory on Siemens Nucleus Real-Time Operating Systems
CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities found in Siemens Nucleus Real-Time Operating Systems RTOS and supporting libraries. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages...
Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices
Security researchers at Microsoft are warning the industry about 25 as-yet undocumented critical memory-allocation vulnerabilities across a number of vendors’ IoT and industrial devices that threat actors could exploit to execute malicious code across a network or cause an entire system to crash...
Embedded TCP/IP stacks have memory corruption vulnerabilities
Overview Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things IoT and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU96491057 as well as the name AMNESIA:33...