Researcher Finds Backdoor in NASA’s Curiosity Rover Operating System

Reports suggest that the VxWorks operating system, which is installed in numerous devices including NASA’s Curiosity Rover, contains a backdoor.

A Canadian security researcher has identified two vulnerabilities in the well-known operating system VxWorks. It is installed in NASA’s Curiosity Rover along with other sensitive devices.

According to the research findings, the discovered vulnerabilities don’t specifically target NASA or the Curiosity Rover, but they are present in some versions of VxWorks.

A bit about VxWorks:

VxWorks was created by a US-based company called The Wind in 1987. The Wind is an Intel Corp. subsidiary. The OS has been successfully deployed in a variety of devices, from industrial robots and Boeing 787 planes to medical equipment and even network routers.

VxWorks is the same OS that ran the Rover when it was sent on its mission to Mars. It is considered a highly secure and reliable real-time OS as far as the Internet of Things is concerned.

It is one of the most trusted and widely used operating systems for connecting IoT-enabled devices.

The Vulnerabilities:

A client of the Canada-based security expert Yannick Formaggio asked him to research the security features of the VxWorks OS before deciding whether to deploy it in industrial equipment at their own firm.

Mr. Formaggio did so and after a thorough inspection found that this real-time OS was highly secure except for two weaknesses: Ring Buffer Overflow and a Backdoor.

While presenting his research at the 44CON security conference held in London, Mr. Formaggio explained that the backdoor can easily be created, without being detected, simply by supplying negative values in the login section.

When Formaggio did so, he was able to bypass memory defenses and create a root-level account on the OS without having the appropriate access and authority to do so.

As far as the Ring Buffer Overflow issue is concerned, the problem lies in the operating system’s built-in server. The server immediately crashed after receiving a maliciously created username and password at excessively high speeds.

This bug causes a Denial of Service (DoS) condition in the networking capabilities of the device.

The code was found to be remotely exploitable, and exploitation goes undetected by system administrators.

The versions of VxWorks operating system that had these issues are those between 5.5 and 6.9.4.1.

The Wind has already provided patches for these vulnerabilities after being notified in July.

The firm recommends that all VxWorks devices should be updated immediately.
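To act on that recommendation, the following added example (not from the article, the researcher or the vendor) triages a device inventory against the affected range of 5.5 to 6.9.4.1 stated above. The device names and version strings are constructed, and treating both ends of the range as inclusive is an assumption.

```python
import re

# Affected range as stated in the article; inclusive bounds are an assumption.
AFFECTED_MIN = (5, 5)
AFFECTED_MAX = (6, 9, 4, 1)
_VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)")

def parse_version(text):
    """Return the first dotted version found in text as a tuple of ints, or None."""
    match = _VERSION_RE.search(text or "")
    return tuple(int(p) for p in match.group(1).split(".")) if match else None

def _pad(version, width):
    return version + (0,) * (width - len(version))  # so 5.5 == 5.5.0.0

def is_affected(version_text):
    """True/False for a readable version, None when no version can be parsed."""
    version = parse_version(version_text)
    if version is None:
        return None
    width = max(len(version), len(AFFECTED_MIN), len(AFFECTED_MAX))
    v = _pad(version, width)
    return _pad(AFFECTED_MIN, width) <= v <= _pad(AFFECTED_MAX, width)

def triage(inventory):
    """Split {device: version_string} into affected / ok / unknown device lists."""
    result = {"affected": [], "ok": [], "unknown": []}
    for device, version_text in sorted(inventory.items()):
        verdict = is_affected(version_text)
        key = "unknown" if verdict is None else ("affected" if verdict else "ok")
        result[key].append(device)
    return result

# Constructed sample inventory; names and versions are made up for illustration.
SAMPLE_INVENTORY = {
    "plc-line-1": "VxWorks 5.5.1",
    "router-edge": "6.9.4.1",
    "hmi-panel": "6.9.4.2",
    "gateway-a": "VxWorks 7.0",
    "legacy-ctl": "5.4",
    "sensor-hub": "unknown firmware",
}

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```

A version string alone cannot show whether a vendor patch has been applied, so devices in the "affected" list still need their patch status confirmed, and "unknown" entries need manual identification.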

Uzair Amir
