The correct answer is B. Memory injection.
An RTOS, or real-time operating system, is commonly used in embedded systems, industrial systems, medical devices, vehicles, and operational technology environments. These systems often have strict timing requirements and may run specialized software with limited security protections.
Memory injection can be used to compromise systems by inserting malicious code or commands into memory. This can allow an attacker to alter execution flow, manipulate processes, bypass controls, or gain unauthorized control of the device.
Why the other options are incorrect:
A. Cross-site scripting
Cross-site scripting is primarily a web application attack. It is not the best answer for compromising a system running an RTOS.
C. Replay attack
A replay attack captures and retransmits valid data or authentication messages. It may affect some embedded or industrial communication systems, but it does not directly describe compromising the RTOS itself as well as memory injection.
D. Ransomware
Ransomware encrypts or locks data and demands payment. While some embedded systems could theoretically be disrupted by malware, ransomware is not the best match for compromising an RTOS.
Therefore, the best answer is memory injection.