From bleepingcomputer.com
Microsoft security researchers have discovered over two dozen critical remote code execution (RCE) vulnerabilities in Internet of Things (IoT) devices and Operational Technology (OT) industrial systems.
These 25 security flaws are known collectively as BadAlloc and are caused by memory allocation Integer Overflow or Wraparound bugs.
Threat actors can exploit them to trigger system crashes and execute malicious code remotely on vulnerable IoT and OT systems.