VxWorks software, deemed as an Intel-owned operating system, is utilized in a wide array of critical infrastructure system as well as high-technology applications. Now, an expert says hackers can remotely exploit VxWorks, the OS used in Boeing 787 and in Curiosity Mars Rover.
Security researcher Yannick Formaggio of Istuary Innovation Labs, a security research company based in Canada, revealed at the 44Con Conference in London that he and his team discovered a vulnerability in specific versions of the OS. He noted that it can be exploited by anybody, anywhere in the world, who is connected to the Internet.
"Our team has conducted a thorough security analysis on VxWorks, including its supported network protocols and OS security mechanism. We will present the tool we developed for VxWorks assessment. The main goal of our tool is to provide effective penetration testing by implementing the WdbRPC protocol in python," reads the description of the expert's presentation at the 44Con. "To show its effectiveness, we are going to reveal some of the bugs we discovered along the way."
With the use of what he and his team call a "fuzzing tool," they were able to uncover the integer overflow vulnerability of the world's most widely-used real-time OS.
What they did, was to target a particular component of VxWorks. This allowed them to write to the memory on the OS. Upon creating the backdoor, Formaggio pointed out that they could already control VxWork's functions.
He added that they would have to look for the targets with the port 111 open and they could run the attack without the knowledge of the system administrator.
Specific versions which are vulnerable to the attack include the following: version 5.5 to version 6.9.4.1.
Reports say the researcher already told Wind River on the security flaw last July 22 and it quickly acknowledged the vulnerability. The expert believes the company has already issued a patch.
"While we do not discuss specific security issues regarding our infrastructure, we do take the necessary steps to ensure safe and secure operation of all our systems," a spokesperson of NASA told the press.
Meanwhile, a report confirmed that Boeing does not run on its planes a version of VxWorks that is vulnerable to the attack. However, the company said it had multiple layers of protection to make sure that its critical flight systems are safeguarded from any intrusion.
Photo: Idaho National Laboratory | Flickr