Security researchers have discovered 11 vulnerabilities in Wind River’s VxWorks operating system, which is used in approximately 2 billion IoT devices, medical devices and control systems, according to the HIPAA Journal.
Six of the vulnerabilities have been deemed critical, as they can be exploited with no user interaction required. If a hacker took advantage of the vulnerability, they would be able to take full control of the device, reports the HIPAA Journal.
The VxWorks operating system is used in patient monitors, MRI machines, elevator control systems, industrial controllers, data acquisition systems, modems, routers, firewalls and printers.
Since Wind Rivers was notified, the company has created patches for the vulnerabilities. The company said all supported versions of VxWorks are affected by at least one of the vulnerabilities.
Date: August 7, 2019
Source: Becker’s Hospital Review