A series of vulnerabilities in VxWorks—a real-time operating system (RTOS) that has been in use since the late 1980s—could leave up to 200 million modems, routers, firewalls, printers, and industrial and medical devices open to exploit.

These vulnerabilities aren’t theoretical—the exploits have been demonstrated—and many of the affected devices haven’t been touched or actively managed in years. Further complicating the matter is that many organizations don’t know whether they’ve got VxWorks devices on their networks in the first place (though an OS discovery scan would be a quick way to tell).

Only certain versions of VxWorks are affected, however. VxWorks maintainer Wind River has published a list of FAQs with guidance  for remediation.

Read more here.

Ross is the CISO at Symplexity. He has achieved CCIE Security and CISSP certifications, an MBA from the University of Notre Dame, and has 20 years of experience in the fields of computer and network security engineering and consulting. Ross provides virtual CISO services for our Symplexity Secure clients and helps them to identify information security risks and implement administrative, procedural, and technical controls to mitigate. He works effectively with both technical and managerial personnel and is a trusted resource for our clients.

Ready to take your technology to the next level?

Contact Us Now