Microsoft security researchers have discovered over two dozen critical remote code execution (RCE) vulnerabilities in Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. The vulnerabilities were found by Microsoft’s researchers in standard memory allocation functions widely used in multiple real-time operating systems (RTOS), C standard library (libc) implementations, and embedded software development kits (SDKs) These flaws are known collectively as BadAlloc and are caused by memory allocation bugs.
Source: https://www.bleepingcomputer.com/news/security/microsoft-finds-critical-code-execution-bugs-in-iot-ot-devices/