This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Shlomi_Feldman
Employee Alumnus
Employee Alumnus
‎2019-08-11 09:46 AM

Urgent/11 - 11 Zero Day Vulnerabilities Impacting VxWorks, the Most Widely Used Real-Time Operating

In the last several days, we notice a large campaign advising about discovered vulnerabilities concerning VxWorks operating system. some publications claim that the vulnerabilities effect 200 million devices, while other claim it effect up to 2 billion devices. The danger of these vulnerabilities stand in the fact that this operating system is very common in use in s variety large and completely different sectors. in addition, there is no clear visibility which devices exactly uses this operating system. Even the researcher which found the vulnerabilities https://armis.com/urgent11/#/devices are unable to provide exact and detailed list about the effected devices. this lack of visibility pose real difficulty for the users attempting to mitigate this risks.

I would be more than happy to get your comments and thoughts about the issue

0 Kudos
4 Replies
Tommy_Forrest
Advisor
‎2019-10-02 12:26 PM

Any word on when we might see IPS protections for these CVE's?

0 Kudos
Shlomi_Feldman
Employee Alumnus
Employee Alumnus
‎2019-10-02 12:29 PM
In response to Tommy_Forrest

Hi

I would check it out and will inform you.

0 Kudos
Shlomi_Feldman
Employee Alumnus
Employee Alumnus
‎2019-10-02 08:29 PM
In response to Dale_Lobb

thanks for the update, excellent information

The concern of the federal agencies is understood, due to the fact the approx. 2 billion devices are effected by these vulnerabilities globally. The main problem with Urgent/11 is the fact that mos users are not even aware that they own or operate devices using VxWorks operating system. further not all vendors already released patches for the urgent/11 although it was published about 2 month ago.

we will keep on following the issue and will update in Checkmates  

0 Kudos
Upcoming Events

    CheckMates Events