CISA issues an advisory of vulnerabilities affecting IoT and OT devices

USA Cybersecurity and Infrastructure Security Agency (CISA) publishes an advisory of vulnerabilities known as “BadAlloc.” These vulnerabilities, which can be found in IoT and OT devices, were discovered by Microsoft Security Response Center. So far, Microsoft reported it hadn’t detected any evidence of these vulnerabilities being exploited. CISA recommends organizations apply vendor updates, erect firewall barriers, isolate system networks from business networks, and restrict exposure of control system devices.