HomeTech PlusTECH & OTHER NEWSMicrosoft finds memory allocation holes in range of IoT and industrial technology

Microsoft finds memory allocation holes in range of IoT and industrial technology

The security research group for Azure Defender for IoT, dubbed Section 52, has found a batch of bad memory allocation operations in code used in Internet of Things and operational technology (OT) such as industrial control systems that could lead to malicious code execution.

Given the trendy vulnerability name of BadAlloc, the vulnerabilities are related to not properly validating input, which leads to heap overflows, and can eventually end at code execution.

“All of these vulnerabilities stem from the usage of vulnerable memory functions such as malloc, calloc, realloc, memalign, valloc, pvalloc, and more,” the research team wrote in a blog post.

The use of these functions gets problematic when passed external input that can cause an integer overflow or wraparound as values to the functions.

“The concept is as follows: When sending this value, the returned outcome is a freshly allocated memory buffer,” the team said.

“While the size of the allocated memory remains small due to the wraparound, the payload associated with the memory allocation exceeds the actual allocated buffer, resulting in a heap overflow. This heap overflow enables an attacker to execute malicious code on the target device.”

Microsoft said it worked with the US Department of Homeland Security to alert the impacted vendors and patch the vulnerabilities.

The list of affected products in the advisory includes devices from Google Cloud, Arm, Amazon, Red Hat, Texas Instruments, and Samsung Tizen. CVSS v3 scores range from 3.2 in the case of Tizen to 9.8 for Red Hat newlib prior to version 4.

As with most vulnerabilities, Microsoft’s primary piece of advice is to patch the affected products, but with the possibility of industrial equipment being hard to update, Redmond suggests disconnecting devices from the internet if possible or putting them behind a VPN with 2FA authentication, have a form of network security and monitoring to detect behavioural indicators of compromise, and use network segmentation to protect critical assets.

“Network segmentation is important for zero trust because it limits the attacker’s ability to move laterally and compromise your crown jewel assets, after the initial intrusion,” the team wrote.

“In particular, IoT devices and OT networks should be isolated from corporate IT networks using firewalls.”

Related Coverage

By ZDNet Source Link

Technology For You
Technology For Youhttps://www.technologyforyou.org
Technology For You - One of the Leading Online TECHNOLOGY NEWS Media providing the Latest & Real-time news on Technology, Cyber Security, Smartphones/Gadgets, Apps, Startups, Careers, Tech Skills, Web Updates, Tech Industry News, Product Reviews and TechKnowledge...etc. Technology For You has always brought technology to the doorstep of the Industry through its exclusive content, updates, and expertise from industry leaders through its Online Tech News Website. Technology For You Provides Advertisers with a strong Digital Platform to reach lakhs of people in India as well as abroad.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img

CYBER SECURITY NEWS

TECH NEWS

TOP NEWS