The flaws are in the TCP/IP stack, and they affect FreeRTOS.
The versions affected
FreeRTOS V10.0.1 (with FreeRTOS+TCP), AWS FreeRTOS V1.3.1, OpenRTOS, and SafeRTOS (with WHIS Connect middleware TCP/IP components) are all affected.
Why is this such a calamity?
Many IoT devices run on FreeRTOS. These gadgets are frequently low-cost and difficult to patch. Many of these gadgets, in fact, have firmware that hasn’t been updated in years. Fitness trackers, temperature monitors, appliances, cars, door locks, water metres, and a variety of other small devices are examples of goods that use FreeRTOS. The devices that use TCP/IP are the ones that are vulnerable. This indicates that the gadgets are internet-capable. Because these devices are connected, we can assume that they can be patched as well. Will they, however, succeed? Probably not. As a result, this is a vulnerability that could be exploited for years to come. The following is a complete list of the vulnerabilities that affect FreeRTOS, along with their identifiers: