Get Started Book a Demo

CISA Advisory (ICSA-21-119-04)

19th August 2021 | Blog CISA Advisory (ICSA-21-119-04)


cisa advisory
August 19th, 2021: CyberHoot has received notification of critical risks to our national cybersecurity. A critical vulnerability has been made public by CISA, known as “BadAlloc”. Details of the vulnerabilities found in multiple real-time operating systems (RTOS) and supporting libraries are available here. CyberHoot is issuing this advisory to provide early notice of the reported vulnerabilities in the hope of assisting our clients in identifying at-risk systems and upgrading/eliminating/remediating the risks quickly and effectively.  Doing so will reduce your risk of these attacks. The vulnerabilities may allow malicious actors to exploit your systems using remote code injection/execution or simply crash your device. 

Affected Systems and Vulnerability

Below are the affected systems from this vulnerability. For more information on the specific vulnerabilities for each tool, go to https://cwe.mitre.org/data/definitions/190.html for more information. 

  • Amazon FreeRTOS, Version 10.4.1
  • Apache Nuttx OS, Version 9.1.0 
  • ARM CMSIS-RTOS2, versions prior to 2.1.3
  • ARM Mbed OS, Version 6.3.0
  • ARM mbed-ualloc, Version 1.3.0
  • BlackBerry QNX SDP Versions 6.5.0 SP1 and earlier
  • BlackBerry QNX OS for Safety Versions 1.0.1 and earlier safety products compliant with IEC 61508 and/or ISO 26262
  • BlackBerry QNX OS for Medical Versions 1.1 and earlier safety products compliant with IEC 62304
    • A full list of affected QNX products and versions is available here
  • Cesanta Software Mongoose OS, v2.17.0
  • eCosCentric eCosPro RTOS, Versions 2.0.1 through 4.5.3
  • Google Cloud IoT Device SDK, Version 1.0.2
  • Media Tek LinkIt SDK, versions prior to 4.6.1
  • Micrium OS, Versions 5.10.1 and prior
  • Micrium uC/OS: uC/LIB Versions 1.38.xx, Version 1.39.00
  • NXP MCUXpresso SDK, versions prior to 2.8.2
  • NXP MQX, Versions 5.1 and prior
  • Redhat newlib, versions prior to 4.0.0
  • RIOT OS, Version 2020.01.1 
  • Samsung Tizen RT RTOS, versions prior 3.0.GBB
  • TencentOS-tiny, Version 3.1.0
  • Texas Instruments CC32XX, versions prior to 4.40.00.07
  • Texas Instruments SimpleLink MSP432E4XX
  • Texas Instruments SimpleLink-CC13XX, versions prior to 4.40.00
  • Texas Instruments SimpleLink-CC26XX, versions prior to 4.40.00
  • Texas Instruments SimpleLink-CC32XX, versions prior to 4.10.03
  • Uclibc-NG, versions prior to 1.0.36 
  • Windriver VxWorks, prior to 7.0
  • Zephyr Project RTOS, versions prior to 2.5

What Can You Do?

Below are mitigations for this vulnerability on the various systems it affects. The majority of systems have updates/patches available for this potential exploit. CyberHoot recommends you update immediately if you use these tools. 

Sources
CISA.Gov

CWE – Integer Overflow or Wraparound

Find out how CyberHoot can secure your business.


Schedule a demo

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

When the Attack Looks Just Like You
24th March 2026 | Blog

When the Attack Looks Just Like You

Artificial Intelligence (or AI) is making phishing emails smarter, malware sneakier, and credential theft easier...

Read more
Cybercriminals Are Exploiting DocuSign with Customizable Phishing Templates
10th March 2026 | Blog

Cybercriminals Are Exploiting DocuSign with Customizable Phishing Templates

DocuSign has become one of the most trusted tools in modern business. Contracts, HR paperwork, NDAs, vendor...

Read more
PromptSpy: The Android Malware That Hired an AI Assistant
3rd March 2026 | Blog

PromptSpy: The Android Malware That Hired an AI Assistant

And yes, Google's Gemini AI had no idea it was working for the bad guys. Malware has always followed a script....

Read more
Get Started All Posts