Critical Flaws Within the Ubiquitous Realtek Wi-Fi Modules
Realtek Wi-Fi modules are ever-present in wireless devices, mainly laptops. Flaws in these modules are potential security risks for devices that use them; and a flaw has apparently been found by Israeli Cybersecurity Firm Vdoo, specifically in the Realtek RTL8170C Wi-Fi module. Exploiting this flaw can allow attackers to gain elevated privileges on a device and hijack wireless communications
“Successful exploitation would lead to complete control of the Wi-Fi module and potential root access on the OS (such as Linux or Android) of the embedded device that uses this module,”
–Vdoo, Israeli security firm
The Wi-Fi module in question can be used in various IoT applications for agriculture, automotive, energy, healthcare, industrial, security, and smart homes. The attacker would have to be in the same network and know the network’s PSK to gain the privileges he needs on the machines and do what he’s set out to do.
An earlier report on the Realtek RTL8195A Wi-Fi module involving a buffer overflow vulnerability (CVE-2020-9395) which allows the attacker to take over the module without having to know the Wi-Fi network password also comes in play with the RTL8170C. This allows attackers to bypass WPA2 security thanks to two stack-based buffer overflow vulnerabilities (CVE-2020-27301 and CVE-2020-27302) and perform remote code execution.
Vdoo demonstrated the proof-of-concept to the vulnerability but so far, there have been no reported attacks using it. The vulnerability should be mitigated by updating to the latest firmware and through the use of a strong WPA2 password. Those in charge of information security should be keen on updating the firmware of their devices especially those that use the modules in question and all Wi-Fi modules in general.