Realtek software vulnerabilities endanger hundreds of thousands of routers and IoT devices

Cybersecurity analysts have discovered critical vulnerabilities in Realtek chips that affect more than 65 hardware manufacturers and various wireless devices.

The vulnerabilities were discovered by IoT Inspector, creator of the firmware security analysis platform of the same name, while analyzing binaries that are part of Realtek's SDK.

Vulnerabilities can be exploited remotely by attackers to completely compromise vulnerable devices and execute arbitrary code with maximum privilege.

The list of hardware vendors affected by the Realtek vulnerabilities includes Asus, Belkin, D-Link, Edimax, Logitech, Netgear, ZTE and others, and covers an equally wide range of devices, from residential gateways to travel routers, Wi-Fi repeaters, IP cameras, intelligent lightning rods and even toys.

Researchers notified Realtek of the vulnerability and a patch was released immediately. IoT Inspector urges manufacturers using vulnerable Wi-Fi modules to test their devices and provide security patches to their users immediately.

Source: iot-inspector