URGENT11 is urgent!

By: Wade Whittle

It has been a busy July for cybersecurity professionals and companies. You have probably heard that Capital One reported a massive data breach of 100 million users’ private information. On the other hand, you may not have heard that Armis Labs published a technical whitepaper discussing 11 vulnerabilities they found within a popular RTOS (Real-Time Operating System), VxWorks. These vulnerabilities have been named the URGENT11. Read the full technical whitepaper here.

The owner of VxWorks, Wind River, estimates their affected install base is in the 2 billion device range; that’s BILLION with a B. VxWorks has been installed on devices for the last 13 years. According to the Security Advisory published by Wind River, all but the latest version of VxWorks are vulnerable to one or more of the URGENT11 vulnerabilities. Six of the 11 vulnerabilities allow an attacker to perform remote code execution on the device.

Why is the URGENT11 so urgent? Because VxWorks is one of the most popular operating systems in IoT, OT, printers, and routers. According to the company’s web site, their customers include NASA, Airbus, Alcatel-Lucent, Boeing, Delphi, Eurocopter, Mitsubishi, Northrop Grumman, Siemens, and Varian. These companies take this operating system, package it with their application, and, in some cases, resell it to an end customer. These applications are used on SCADA devices, industrial controllers, patient monitors, MRI machines, firewalls, VoIP phones, and printers, just to name a few, so the end user is most likely not aware of the underlying operating system. These devices are rarely, if ever, upgraded. It will take companies that have these devices significant time and effort to even verify the underlying OS version, much less get them upgraded.

We understand the monumental nature of the task at hand to patch these 2 BILLION devices, but what makes it so urgent today? It’s the timing! On August 6th, Armis is planning on presenting their technical whitepaper at the annual Black Hat conference, which will put these vulnerabilities in front of one of the largest gatherings of hackers and hacker wannabes in the world. There are already YouTube videos demonstrating the vulnerability on a SonicWall Firewall and a patient monitor. Just imagine how the number of videos will increase as more people become aware of the vulnerability.

If you think your company owns affected devices, it is imperative that you know how you are going to protect your vulnerable assets. That’s where a trusted solutions provider comes in. We can guide and assist you.

Wade Whittle has been a Cybersecurity practitioner for over 20 years, consulting for organizations from large multinationals to state and local governments. In his spare time, Wade is a volunteer firefighter.

Contact us today to learn more and let us help you ensure you are safe. Sales@fcltd.net or 817-510-1126.
