Critical Realtek vulnerabilities and 374 LTS

[reddy]

Hi,

Realtek has recently announced critical vulnerabilities affecting RT-Nxx models:

• CVE-2021-35392, Wi-Fi Simple Config stack buffer overflow (UPnP)
• CVE-2021-35393, Wi-Fi Simple Config heap buffer overflow (SSDP)
• CVE-2021-35394, MP Daemon diagnostic tool command injection
• CVE-2021-35395, management web interface multiple vulnerabilities

https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2021-35392_35395.pdf

Does anyone know if that will be mitigated in the 374 LTS?

 

[ColinTaylor]

Does anyone know if that will be mitigated in the 374 LTS?

These are vulnerabilities in the Realtek SDK so none of them would apply to any Merlin/fork firmware as those are using Broadcom hardware/SDK.

The "known" effected Asus models are WL330-NUL, RT-N10E, RT-N10LX, RT-N12E and RT-N12LX.

 

[reddy]

Ah, great, thanks! I was fooled with this "RT-Nxx" info in the news I read.

 

[Igor]

From August 2021 to December 2022, we have observed 134 million exploit attempts in total, targeting CVE-2021-35394, with 97% of these attacks occurring after the start of August 2022.

Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats

We observed a recent spate of supply chain attacks attempting to exploit CVE-2021-35394, affecting IoT devices with chipsets made by Realtek.

unit42.paloaltonetworks.com