Taiwanese chip designer Realtek is warning of four security vulnerabilities in three software package enhancement kits (SDKs) accompanying its WiFi modules, which are employed in just about 200 IoT devices designed by at minimum 65 suppliers.
The flaws, which influence Realtek SDK v2.x, Realtek “Jungle” SDK v3./v3.1/v3.2/v3.4.x/v3.4T/v3.4T-CT, and Realtek “Luna” SDK up to edition 1.3.2, could be abused by attackers to absolutely compromise the concentrate on system and execute arbitrary code with the greatest level of privilege —
- CVE-2021-35392 (CVSS rating: 8.1) – Heap buffer overflow vulnerability in ‘WiFi Straightforward Config’ server thanks to unsafe crafting of SSDP NOTIFY messages
- CVE-2021-35393 (CVSS score: 8.1) – Stack buffer overflow vulnerability in ‘WiFi Straightforward Config’ server because of to unsafe parsing of the UPnP SUBSCRIBE/UNSUBSCRIBE Callback header
- CVE-2021-35394 (CVSS rating: 9.8) – A number of buffer overflow vulnerabilities and an arbitrary command injection vulnerability in ‘UDPServer’ MP resource
- CVE-2021-35395 (CVSS rating: 9.8) – Various buffer overflow vulnerabilities in HTTP web server ‘boa’ owing to unsafe copies of some overly long parameters
Impacting devices that implement wireless capabilities, the listing includes household gateways, travel routers, WiFi repeaters, IP cameras to clever lightning gateways, or even related toys from a wide assortment of brands this sort of as AIgital, ASUSTek, Beeline, Belkin, Buffalo, D-Url, Edimax, Huawei, LG, Logitec, MT-Url, Netis, Netgear, Occtel, PATECH, TCL, Sitecom, TCL, ZTE, Zyxel, and Realtek’s personal router lineup.
“We got 198 one of a kind fingerprints for products that answered in excess of UPnP. If we estimate that each individual unit may perhaps have marketed 5k copies (on average), the complete depend of affected devices would be close to a million,” scientists reported.
Although patches have been released for Realtek “Luna” SDK in variation 1.3.2a, users of the “Jungle” SDK are encouraged to backport the fixes presented by the company.
The security issues are explained to have remained untouched in Realtek’s codebase for extra than a 10 years, German cybersecurity specialist IoT Inspector, which found out the weaknesses, explained in a report published Monday a few months immediately after disclosing them to Realtek in May well 2021.
“On the item vendor’s end, […] brands with obtain to the Realtek source code […] skipped to adequately validate their offer chain, [and] still left the issues unspotted and distributed the vulnerabilities to hundreds of hundreds of close prospects — leaving them vulnerable to attacks,” the scientists reported.
Identified this report appealing? Abide by THN on Facebook, Twitter and LinkedIn to examine extra special written content we submit.
Some parts of this posting are sourced from: