The Armis research team, Armis Labs, have discovered 11 zero day vulnerabilities in VxWorks®, the most widely used operating system you may never heard about. VxWorks is used by over 2 billion devices including critical industrial, medical and enterprise devices. Dubbed “URGENT/11,” the vulnerabilities reside in VxWorks’ TCP/IP stack (IPnet), impacting all versions since version 6.5, and are a rare example of vulnerabilities found to affect the operating system over the last 13 years. Armis has worked closely with Wind River®, the maintainer of VxWorks, and the latest VxWorks 7 released on July 19 contains fixes for all the discovered vulnerabilities.
Six of the vulnerabilities are classified as critical and enable Remote Code Execution (RCE). The remaining vulnerabilities are classified as denial of service, information leaks or logical flaws. URGENT/11 is serious as it enables attackers to take over devices with no user interaction required, and even bypass perimeter security devices such as firewalls and NAT solutions. These devastating traits make these vulnerabilities ‘wormable,’ meaning they can be used to propagate malware into and within networks. Such an attack has a severe potential, resembling that of the EternalBlue vulnerability, used to spread the WannaCry malware.
Data loss happens all the time and it is devastating. We can help you get started to protect your business!
Netsmith Networks is a reseller of IDrive
IDrive backs up all your data from your computers, servers and smart devices and stores it on the cloud securely. If you ever lose your data, you can restore all your files easily from backup. While there are multiple mediums to backup your files, online backup is easy, takes less time to configure and is inexpensive. All your data can be scheduled for automatic backup from time to time, so you don’t have to remember to do it.
Securely access all your files from anywhere. Login to IDrive website from any web browser to access your files or use IDrive iOS and Android apps.