WiFi chip firmware in a variety of devices used mainly for gaming, personal computing, and communication comes with multiple issues. At least some of them could be exploited to run arbitrary code remotely without requiring user interaction.
The security flaws were discovered in
ThreadX, a real-time operating system (RTOS) developed by Express Logic. The vendor claims on their website that ThreadX has over 6.2 billion deployments, being one of the most popular software powering Wi-Fi chips.
The firmware is also powering the Avastar 88W8897 SoC (Wi-Fi + Bluetooth + NFC) from Marvell, present in Sony PlayStation 4 (and its Pro variant), Microsoft Surface (+Pro) tablet and laptop, Xbox One, Samsung Chromebook and smartphones (Galaxy J1), and Valve SteamLink.
