Security · 2h ago
Seven Unpatched Flaws Found in FatFs Library Used in Millions of Devices
Security firm runZero disclosed seven vulnerabilities in FatFs, a filesystem library used in millions of embedded devices like cameras, drones, and industrial controllers. The flaws allow attackers to corrupt memory or execute arbitrary code via maliciously crafted FAT/exFAT images. No patches are yet available, leaving devices exposed to potential exploitation.
Meridian48 take
The disclosure highlights the systemic risk of unmaintained open-source components in critical infrastructure, but the real-world impact depends on whether attackers can deliver malicious filesystems to affected devices.
Read the full reporting
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices →
The Hacker News
fatfsembedded-security