Realtek vulnerabilities compromise hundreds of thousands of routers, IoT devices

Image of padlock against circuit board/cybersecurity background
(Image credit: Future)

Cybersecurity analysts have discovered critical security vulnerabilities in Realtek chips that affect more than 65 hardware manufacturers and a variety of wireless devices.

The vulnerabilities were uncovered by IoT Inspector, the makers of the firmware security analysis platform of the same name, during an analysis of the binaries packaged as part of the Realtek SDK.

“We performed vulnerability research on those binaries and identified more than a dozen vulnerabilities – ranging from command injection to memory corruption affecting UPnP, HTTP (management web interface), and a custom network service from Realtek,” explained researchers in a blog post.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> <a href="" data-link-merchant=""" target="_blank">Click here to start the survey in a new window <<

The vulnerabilities can be exploited remotely by attackers to fully compromise the vulnerable devices and execute arbitrary code with the highest level of privileges.

Supply chain transparency

According to IoT Inspector, Realtek provides the SDK to vendors and manufacturers that use the RTL8xxx system-on-a-chip (SoC).

The list of hardware manufacturers affected by the Realtek vulnerabilities includes Asus, Belkin, D-Link, Edimax, Logitech, Netgear, ZTE, and more, and cover an equally wide range of devices, from residential gateways to travel routers, Wi-Fi repeaters, IP cameras, smart lightning gateways and even connected toys.

“We identified at least 65 different affected vendors with close to 200 unique fingerprints, thanks both to Shodan’s scanning capabilities and some misconfiguration by vendors and manufacturers who expose those devices to the Internet,” the researchers observed.

Citing recent supply chain attacks such as SolarWinds and Kaseya, the researchers believe the vulnerabilities in the Realtek SDK are a prime example of how an obscure supply chain can lead to all kinds of attacks.

Florian Lukavsky, MD at IoT Inspector, says the researchers notified Realtek about the vulnerabilities and a patch was issued promptly. Lukavsky urges manufacturers who use the vulnerable Wi-Fi modules to check their devices and provide security patches to their users without delay.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.