Researchers have found 11 serious vulnerabilities in VxWorks, the world’s most popular real-time operating system (RTOS) that powers over 2 billion devices including enterprise network firewalls and routers, industrial controllers and medical equipment. Many of the flaws allow attackers to take over devices remotely by just sending network packets, which make them particularly dangerous.
Researchers from IoT security firm Armis, who found the vulnerabilities, dubbed them URGENT/11 due to their widespread impact. The flaws are located in the operating system’s TCP/IP stack, a core component that handles network communications, and six of them can result in remote code execution (RCE).
