Exploit out for critical Realtek flaw affecting many networking devices

[correlate]

Exploit code has been released for a critical vulnerability affecting networking devices with Realtek’s RTL819x system on a chip (SoC), which are estimated to be in the millions.

The flaw is identified as CVE-2022-27255 and a remote attacker could exploit it to compromise vulnerable devices from various original equipment manufacturers (OEMs), ranging from routers and access points to signal repeaters.
 

upnorth

It is unclear how many networking devices use RTL819x chips, but the RTL819xD version of the SoC was present in products from more than 60 vendors. Among them are ASUSTek, Belkin, Buffalo, D-Link, Edimax, TRENDnet, and Zyxel.
  • Devices using firmware built around the Realtek eCOS SDK before March 2022 are vulnerable
  • You are vulnerable even if you do not expose any admin interface functionality
  • Attackers may use a single UDP packet to an arbitrary port to exploit the vulnerability
  • This vulnerability will likely affect routers the most, but some IoT devices built around Realtek's SDK may also be affected
Users should check if their networking equipment is vulnerable and install a firmware update from the vendor released after March, if available. Other than this, organizations could try to block unsolicited UDP requests.
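
Added example, not part of the original posts: a sketch of what "unsolicited UDP" means for a filter or detection rule, since the packet can target an arbitrary port and a port blocklist cannot cover it. The flow-log format, the `INTERNAL` network, the 30-second timeout and the function name are assumptions made for illustration; the log lines are constructed sample data.

```python
"""Flag unsolicited inbound UDP datagrams in a flow log (constructed sample data)."""
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("192.168.1.0/24")  # assumption: LAN behind the edge device
UDP_TIMEOUT = 30.0                       # assumption: seconds an outbound flow stays valid

# Constructed sample, one datagram per line: "epoch proto src sport dst dport"
SAMPLE_LOG = """\
100.0 udp 192.168.1.10 51000 198.51.100.53 53
100.2 udp 198.51.100.53 53 192.168.1.10 51000
105.0 udp 203.0.113.7 40000 192.168.1.1 31337
140.0 udp 198.51.100.53 53 192.168.1.10 51000
141.0 tcp 203.0.113.7 40001 192.168.1.1 80
"""


def unsolicited_udp(log_text, internal=INTERNAL, timeout=UDP_TIMEOUT):
    """Return inbound UDP records that no recent outbound datagram asked for.

    An inbound datagram counts as solicited only if an internal host sent a
    datagram to the same external address and port, from the same internal
    address and port, at most `timeout` seconds earlier.
    """
    last_out = {}  # (int_ip, int_port, ext_ip, ext_port) -> time of last outbound datagram
    flagged = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6 or fields[1] != "udp":
            continue  # skip malformed lines and non-UDP traffic
        ts = float(fields[0])
        src, sport = fields[2], int(fields[3])
        dst, dport = fields[4], int(fields[5])
        src_in = ip_address(src) in internal
        dst_in = ip_address(dst) in internal
        if src_in and not dst_in:
            # Outbound: remember the exact 4-tuple a reply would have to match.
            last_out[(src, sport, dst, dport)] = ts
        elif dst_in and not src_in:
            # Inbound: look for the mirrored 4-tuple, whatever the destination port is.
            seen = last_out.get((dst, dport, src, sport))
            if seen is None or ts - seen > timeout:
                flagged.append((ts, src, sport, dst, dport))
    return flagged


if __name__ == "__main__":
    for record in unsolicited_udp(SAMPLE_LOG):
        print("unsolicited inbound UDP:", record)
```

The same rule on a stateful firewall placed upstream of the affected device is "drop inbound UDP that does not belong to an established flow".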
 
