JFrog and Claroty cybersecurity experts revealed yesterday the discovery of 14 new critical vulnerabilities in the BusyBox Linux utility. If exploited, they could allow denial-of-service (DoS) and, in some instances, information leaks and Remote Code Execution (RCE).
According to the researchers, all the flaws have a medium risk score and are unlikely to be used for nefarious purposes.
Dubbed “the Swiss Army Knife of Embedded Linux,” BusyBox is a software suite used by many of the world’s leading operational technology (OT) and internet of things (IoT) devices, including popular programmable logic controllers (PLCs), human-machine interfaces (HMIs) and remote terminal units (RTUs).
As explained by JFrog, BusyBox is:
a software suite of many useful Unix utilities, known as applets, that are packaged as a single executable file. Within BusyBox you can find a full-fledged shell, a DHCP client/server, and small utilities such as cp, ls, grep, and others.
The discovery matters because BusyBox is widely used not only in the embedded Linux community but also in countless Linux applications outside of devices. The researchers recommend that security teams address these weaknesses as soon as possible.
These new vulnerabilities that we’ve disclosed only manifest in specific cases, but could