Realtek Wi-Fi

Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software program improvement kits (SDKs) accompanying its WiFi modules, that are utilized in virtually 200 IoT units made by at the least 65 distributors.

The issues, which have an effect on Realtek SDK v2.x, Realtek “Jungle” SDK v3.0/v3.1/v3.2/v3.4.x/v3.4T/v3.4T-CT, and Realtek “Luna” SDK as much as model 1.3.2, may very well be abused by attackers to completely compromise the goal gadget and execute arbitrary code with the very best degree of privilege —

  • CVE-2021-35392 (CVSS rating: 8.1) – Heap buffer overflow vulnerability in ‘WiFi Easy Config’ server as a consequence of unsafe crafting of SSDP NOTIFY messages
  • CVE-2021-35393 (CVSS rating: 8.1) – Stack buffer overflow vulnerability in ‘WiFi Easy Config’ server as a consequence of unsafe parsing of the UPnP SUBSCRIBE/UNSUBSCRIBE Callback header
  • CVE-2021-35394 (CVSS rating: 9.8) – A number of buffer overflow vulnerabilities and an arbitrary command injection vulnerability in ‘UDPServer’ MP device
  • CVE-2021-35395 (CVSS rating: 9.8) – A number of buffer overflow vulnerabilities in HTTP internet server ‘boa’ as a consequence of unsafe copies of some overly lengthy parameters
Realtek Wi-Fi SDK

Impacting units that implement wi-fi capabilities, the record contains residential gateways, journey routers, WiFi repeaters, IP cameras to sensible lightning gateways, and even related toys from a variety of producers akin to AIgital, ASUSTek, Beeline, Belkin, Buffalo, D-Hyperlink, Edimax, Huawei, LG, Logitec, MT-Hyperlink, Netis, Netgear, Occtel, PATECH, TCL, Sitecom, TCL, ZTE, Zyxel, and Realtek’s personal router lineup.

Prevent Ransomware Attacks

“We obtained 198 distinctive fingerprints for units that answered over UPnP. If we estimate that every gadget might have bought 5k copies (on common), the entire rely of affected units could be near 1,000,000,” researchers stated.

Whereas patches have been launched for Realtek “Luna” SDK in model 1.3.2a, customers of the “Jungle” SDK are beneficial to backport the fixes supplied by the corporate.

The safety points are stated to have remained untouched in Realtek’s codebase for greater than a decade, German cybersecurity specialist IoT Inspector, which discovered the weaknesses, stated in a report printed Monday three months after disclosing them to Realtek in Could 2021.

“On the product vendor’s finish, […] producers with entry to the Realtek supply code […] missed to sufficiently validate their provide chain, [and] left the problems unspotted and distributed the vulnerabilities to lots of of hundreds of finish clients — leaving them weak to assaults,” the researchers stated.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.