- Remote code executions: CVE-2018-16522,CVE-2018-16525,CVE-2018-16526,CVE-2018-16528
- Denial-of-service: CVE-2018-16523
- Data leaks: CVE-2018-16524, CVE-2018-16527,CVE-2018-16599,CVE-2018-16600,CVE-2018-16601,CVE-2018-16602,CVE-2018-16603
- “Other”: CVE-2018-16598
Ori Karliner, a Zimperium researcher, stated that the vulnerabilities were found in “FreeRTOS’s TCP/IP stack” and in the AWS secure communication modules. The same vulnerabilities are found in the WHIS Connect TCP/IP part for OpenRTOSSafeRTOS. Zimperium pointed out that these operating systems are used in IoT devices across many industries, including aerospace and health care. This makes these vulnerabilities particularly dangerous if they are exploited. Karliner stated that Zimperium has been working closely with WHIS and AWS to patch the affected FreeRTOS versions.