Critical vulnerabilities in chipsets of 65 IoT device manufacturers using a Realtek software development kit (SDK)

A group of researchers has disclosed severe vulnerabilities in chipsets used by dozens of manufacturers of Internet of Things (IoT) devices. According to the report, the flaws affect nearly 200 lines of WiFi devices built with the Realtek software development kit (SDK), equivalent to hundreds of thousands of affected devices.

In a report published just a few hours ago, experts from the security firm IoT Inspector say that the flaws reside in the Realtek RTL819xD chip and that their successful exploitation would allow threat actors to gain root access to the host device and the operating system, in addition to the risk that other devices on the same network would be compromised.

It should be noted that the affected software is used on all kinds of devices, including conventional routers and IP cameras.

The researchers add that a total of four flaws were detected:

  • CVE-2021-35392: SimpleConfig WiFi Stack-Based Buffer Overflow
  • CVE-2021-35393: Heap-Based Buffer Overflow
  • CVE-2021-35394: MP Daemon Diagnostic Tool Command Injection Vulnerability
  • CVE-2021-35395: Multiple Bugs in SDK Management Web Interface

According to the report, the most severe of these flaws is the execution of commands in formSysCmd, as its successful exploitation does not require advanced knowledge of hacking or interaction with the target user: “Exploiting these flaws would allow unauthenticated remote hackers to compromise the affected device and execute arbitrary code with high privileges,” says Florian Lukavsky, a member of the research team.

During the research, the experts used Shodan to identify internet-exposed systems affected by these flaws, uncovering a large number of vulnerable routers employed by internet service providers in countries such as India, China and Taiwan.

This is not the first finding of its kind: researchers have previously found multiple flaws in devices using Realtek software, and the appearance of multiple vulnerabilities is also related to the way manufacturers implement some tools. In addition to applying the update patches issued by the developer, users of affected deployments are encouraged to enable additional security mechanisms to prevent potential intrusion attempts.