Cisco Talos Blog

August 28, 2024 12:00

The vulnerabilities we uncovered by fuzzing µC/OS protocol stacks

Fuzzing has long been one of our favorite ways to search for security issues or vulnerabilities in software, but fuzzing popular systems used in ICS environments has traditionally involved a custom hardware setup to fuzz the code in its native environment.

August 28, 2024 12:00

Fuzzing µCOS protocol stacks, Part 2: Handling multiple requests per test case

This time, I’ll discuss why this approach is more challenging than simply substituting a socket file descriptor with a typical file descriptor.

August 28, 2024 12:00

Fuzzing µC/OS protocol stacks, Part 1: HTTP server fuzzing

Any vulnerability in an RTOS has the potential to affect many devices across multiple industries.

August 28, 2024 12:00

Fuzzing µC/OS protocol stacks, Part 3: TCP/IP server fuzzing, implementing a TAP driver

This is the final post in the three-part series that details techniques I used to fuzz two µC/OS protocol stacks: µC/TCP-IP and µC/HTTP-server.

October 21, 2020 15:30

Vulnerability Spotlight: A deep dive into WAGO’s cloud connectivity and the vulnerabilities that arise

Report and research by Kelly Leuschner. WAGO makes several programmable automation controllers that are used in many industries including automotive, rail, power engineering, manufacturing and building management. Cisco Talos discovered 41 vulnerabilities in their PFC200 and PFC