"Maritime Cyber Alert: ‘BadAlloc’ Critical Vulnerability"

The Coast Guard Cyber Command, Maritime Cyber Readiness Branch issued an alert to the Maritime community, recommending that they examine their systems to determine if they have BlackBerry QNX versions 6.5 or below, or any of the other products recently identified and listed by the U.S. Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) in ICSA-21-119-04. The recent public disclosure of the BadAlloc vulnerability in BlackBerry QNX versions 6.5 or earlier, calls on organizations to be on alert for threats and vulnerabilities facing the cyber landscape. BadAlloc refers to a family of vulnerabilities found in embedded Internet of Things (IoT) and Operational Technology (OT) operating systems and software. The exploitation of these vulnerabilities could allow attackers to deny system availability, exfiltrate data, and more. This article continues to discuss Maritime Cyber Alert 02-21, as well as the potential impact of the BadAlloc vulnerability. 

HSToday reports "Maritime Cyber Alert: ‘BadAlloc’ Critical Vulnerability"