Operating System Bug Exposes 200 Million Critical Devices

Reports have surfaced about a group of vulnerabilities in OS VxWorks that impacts more than 200 million critical devices. It appears that VxWorks is primarily designed for medical equipment, elevator controllers and satellite modems. 

According to reports, there is a cluster of 11 vulnerabilities in the platform’s networking protocols, six of which could conceivably give an attacker remote device access, and use a worm to spread the malware to other VxWorks devices around the world. The patching process is expected to be long and difficult, so presenters will be sharing their findings at the Black Hat conference in Las Vegas next week.