Huge Vulnerability on Realtek’s RTL819x SoC, Which Probably Includes You

Source: Bleeping Computer Huge Vulnerability on Realtek’s RTL819x SoC, Which Probably Includes You

SIP-ping On An Insecure Pipe

Four researchers from Faraday Security in Argentina revealed a flaw in Realtek's RTL819x SoC at DEF CON 30. The chip is found in everything from routers and access points to signal repeaters, and the list of vendors that use it is long: more than 60 companies, including ASUSTek, Belkin, D-Link, TRENDnet, and Zyxel. The good news is that Realtek released a patch back in March 2022 for its rtl819x-eCos-v0.x and rtl819x-eCos-v1.x SDK series, so firmware built against the updated SDK after that date should be fixed. That only holds if the vendor actually rebuilt its firmware on the patched SDK, which is not something a manufacture date alone tells you.

The bad news is dismal, because history has shown that IoT vendors do not always bother to release patches for vulnerabilities, so there is a good chance that many affected devices are still vulnerable. With a CVSS score of 9.8 out of 10, this one is a doozy. It requires no interaction from the device's owner and can be triggered remotely without their knowledge. Worse still, the exploit works even if you disabled remote management on the device, because the bug lives in the SIP Application Layer Gateway (ALG) that inspects SIP traffic passing through the router, not in the management interface.

Once exploited, an attacker can crash the device, execute arbitrary code, establish backdoors, and reroute or intercept any network traffic that passes through the device. Bleeping Computer linked to a Snort rule created by one of the researchers who discovered the flaw. Note that the rule detects exploit attempts on the wire: it tells you whether someone is sending the malicious packets at your network, not whether a device has already been compromised.

CVE-2022-27255 is a stack-based buffer overflow in the SDK's SIP ALG, with a severity score of 9.8 out of 10. It enables remote, unauthenticated attackers to execute code by sending specially crafted SIP packets carrying malicious SDP data to the device's SIP port (UDP 5060 by default).
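To make the detection side concrete, here is an added example (not code from the article, from Faraday, or from Realtek) of the kind of check the linked Snort rule performs, written as a standalone Python function that can be run over captured SIP datagrams. It parses the SIP message, isolates the SDP body and flags any SDP line that is far longer than a legitimate one, which is the shape of input a stack-based overflow in an SDP parser is triggered by. It is deliberately broader than the published rule (it checks every SDP line type, not one field), and the 128-byte threshold, the sample packets and all names are constructed for illustration, not taken from the vulnerable code.

```python
"""Heuristic detector for overlong SDP lines in SIP traffic (CVE-2022-27255 style).

Added example, not part of the original article. The MAX_SDP_LINE threshold is an
assumption for illustration; tune it against the rule you actually deploy.
"""
import re
from typing import Dict, List, Tuple

MAX_SDP_LINE = 128  # assumed threshold: no ordinary SDP line comes close to this


def split_sip(raw: bytes) -> Tuple[bytes, Dict[bytes, bytes], bytes]:
    """Split a raw SIP datagram into (request line, header map, body).

    SIP headers end at the first blank line; everything after it is the body,
    which for an INVITE is normally SDP.
    """
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers: Dict[bytes, bytes] = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        if name:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def overlong_sdp_lines(body: bytes, limit: int = MAX_SDP_LINE) -> List[bytes]:
    """Return every SDP line ("<type>=<value>") longer than limit bytes."""
    hits = []
    for line in re.split(rb"\r?\n", body):
        if len(line) >= 2 and line[1:2] == b"=" and len(line) > limit:
            hits.append(line)
    return hits


def classify(raw: bytes, limit: int = MAX_SDP_LINE) -> str:
    """Return "alert" if the datagram carries an overlong SDP line, else "clean".

    Every SIP message with a body is inspected, not just INVITEs: a SIP ALG may
    parse SDP in responses too, so gating on the method would leave a gap.
    """
    _, _, body = split_sip(raw)
    return "alert" if overlong_sdp_lines(body, limit) else "clean"


def build_invite(sdp_body: bytes) -> bytes:
    """Assemble a minimal SIP INVITE around an SDP body (constructed sample data)."""
    head = (
        b"INVITE sip:bob@example.net SIP/2.0\r\n"
        b"Via: SIP/2.0/UDP 203.0.113.5:5060;branch=z9hG4bK776\r\n"
        b"From: <sip:alice@example.org>;tag=1928301774\r\n"
        b"To: <sip:bob@example.net>\r\n"
        b"Call-ID: a84b4c76e66710\r\n"
        b"CSeq: 314159 INVITE\r\n"
        b"Content-Type: application/sdp\r\n"
        b"Content-Length: " + str(len(sdp_body)).encode() + b"\r\n"
    )
    return head + b"\r\n" + sdp_body


SDP_PREFIX = (
    b"v=0\r\n"
    b"o=alice 2890844526 2890844526 IN IP4 203.0.113.5\r\n"
    b"s=-\r\n"
    b"c=IN IP4 203.0.113.5\r\n"
    b"t=0 0\r\n"
)

# Constructed samples: a normal call setup and one with a media line padded well
# past any sane length, the kind of input a fixed-size stack buffer cannot hold.
BENIGN = build_invite(SDP_PREFIX + b"m=audio 49170 RTP/AVP 0\r\na=rtpmap:0 PCMU/8000\r\n")
MALICIOUS = build_invite(SDP_PREFIX + b"m=audio " + b"9" * 200 + b" RTP/AVP 0\r\n")


def scan(datagrams: List[bytes]) -> List[str]:
    """Classify a batch of captured datagrams in order."""
    return [classify(d) for d in datagrams]


if __name__ == "__main__":
    for name, verdict in zip(("benign", "malicious"), scan([BENIGN, MALICIOUS])):
        print(f"{name}: {verdict}")
```

Run it over payloads carved from a packet capture of UDP/5060 traffic arriving at the WAN side; anything that classifies as "alert" deserves a look even if the device is already patched, since it means someone is probing for this bug.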

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

1 Comment

  1. vivy

    onee-sama is sad about this

    jeremy, you know kuroko?

    and OMG, your profile pic
