Cougar Terminator gaming chair review
G.Skill TridentZ5 RGB DDR5 7200 CL34 2x16 GB review
ASUS TUF Gaming B760-PLUS WIFI D4 review
Netac NV7000 2 TB NVMe SSD Review
ASUS GeForce RTX 4080 Noctua OC Edition review
MSI Clutch GM51 Wireless mouse review
ASUS ROG STRIX B760-F Gaming WIFI review
Asus ROG Harpe Ace Aim Lab Edition mouse review
SteelSeries Arctis Nova Pro Headset review
Ryzen 7800X3D preview - 7950X3D One CCD Disabled
Realtek chips make routers and IoT devices from at least 65 manufacturers vulnerable
According to IoT Inspector, security experts have uncovered critical security flaws in the software developer kit that Realtek makes available to its clients. Essentially, hundreds of thousands of routers and Internet of Things devices are at risk.
Known as RTL8xxx, the potentially susceptible system-on-a-chips in issue have made their way into a wide range of consumer products, including gateways, compact routers, and Wi-Fi amplifiers, as well as smart cameras, smart lighting gateways, and even toys with Internet of Things functionality. A total of at least 65 different brands of products pose a threat to public health. Over 200 different fingerprints demonstrate that devices can be linked to the internet in a variety of ways, thanks to misconfigurations made by the manufacturers who followed the SDK's specifications.
"There are more than a dozen individual vulnerabilities," according to the report. In comparison to assaults such as those on Kaseya and SolarWinds, IoT Inspector believes that the scenario is similar in that obscure hardware flaws might cause huge difficulties on a greater scale. However, it is currently unknown whether or not the newly discovered vulnerabilities have been actively exploited by bad actors. Realtek has already been alerted by the researchers, and the company has already released a patch, though it is unclear whether the patch will address all of the issues. Furthermore, manufacturers have not yet distributed the patch to their own products that are affected by the bug.
IoT Inspector , NIST (1) , (2) , (3) , (4)
Synology Launches DS220j fitted with a Realtek RTD1296 Quad Core CPU - 03/13/2020 10:02 AM
Synology launched DiskStation DS220j, an entry-level 2-bay network-attached storage (NAS) built for data consolidation and management. DS220j is an entry-level 2-bay NAS designed for home and persona...
Realtek uncovers new SSD controllers, one has PCIe 4.0 support - 08/15/2019 08:22 AM
Of course, everybody with a modern motherboard has some sort of Realtek chip on it, whether that is for audio or LAN. Soon they will launch NAND controllers as well, and one in specific already will s...
2.5 Gbps Ethernet going Mainstream? Realtek launching RTL8125 mobo chip - 10/05/2018 08:59 AM
I've been evangelizing faster Ethernet for a year or so now. In the years to come, we will slowly transition to faster Ethernet as 1 Gbps is getting out of fashion. While Quantia already offers up-...
Download Display Driver Uninstaller DDU version 18.0.0.0 (Preliminary Realtek and Creative Support) - 09/10/2018 09:05 AM
Display Driver Uninstaller DDU version 18.0.0.0 is available for download - DDU is a driver removal utility for AMD/NVIDIA graphics card Realtek and SoundBlaster drivers and packages. This release in...
New Realtek RTS5762 and RTS5763DL NVMe SSD controllers reach 3.5 GB/s - 06/26/2018 09:51 AM
There have been a number of trends in the SSD arena this year, 64-layer 3D NAND, QLC and NAND controllers based on NVMe are on the rise. Samsung, Marvell and Silicon motion already have some excellen...
schmidtbag
Senior Member
Posts: 7255
Joined: 2012-11-10
Senior Member
Posts: 7255
Joined: 2012-11-10
#5938740 Posted on: 08/17/2021 02:23 PM
Now I'll be curious to see how this works. E.g., my provider's box probably doesn't really like people flashing the firmware. I've seen routers / boxes handed out by ISP which you couldn't even find online because they seemed to be OEM parts...
So who's going to flash the firmwares? Customers, who in general barely know how to get any such devices running? The ISP over the air?
For rented devices, I wouldn't be surprised if the ISP either recalls them or flashes them without telling the customer. If you bought your own, I don't think they'll care.
Now I'll be curious to see how this works. E.g., my provider's box probably doesn't really like people flashing the firmware. I've seen routers / boxes handed out by ISP which you couldn't even find online because they seemed to be OEM parts...
So who's going to flash the firmwares? Customers, who in general barely know how to get any such devices running? The ISP over the air?
For rented devices, I wouldn't be surprised if the ISP either recalls them or flashes them without telling the customer. If you bought your own, I don't think they'll care.
fantaskarsef
Senior Member
Posts: 14314
Joined: 2014-07-21
Senior Member
Posts: 14314
Joined: 2014-07-21
#5938742 Posted on: 08/17/2021 02:33 PM
Alright, as long as they do either... I'm okay with computers, but nertworking equipment isn't really a speciality of mine. Still surprised I didn't brick my last router flashing Merlin WRT firmware
For rented devices, I wouldn't be surprised if the ISP either recalls them or flashes them without telling the customer. If you bought your own, I don't think they'll care.
Alright, as long as they do either... I'm okay with computers, but nertworking equipment isn't really a speciality of mine. Still surprised I didn't brick my last router flashing Merlin WRT firmware
hawk7000
Member
Posts: 43
Joined: 2017-08-24
Member
Posts: 43
Joined: 2017-08-24
#5938744 Posted on: 08/17/2021 02:39 PM
I agree, but I wouldn't count on things working out that well... Based on how things usually go, it seems more likely that the typical approach will be to just ignore the whole thing.
Alright, as long as they do either... I'm okay with computers, but nertworking equipment isn't really a speciality of mine. Still surprised I didn't brick my last router flashing Merlin WRT firmware
I agree, but I wouldn't count on things working out that well... Based on how things usually go, it seems more likely that the typical approach will be to just ignore the whole thing.
fantaskarsef
Senior Member
Posts: 14314
Joined: 2014-07-21
Senior Member
Posts: 14314
Joined: 2014-07-21
#5938747 Posted on: 08/17/2021 02:43 PM
Which is exactly my thinking and reasoning, trying to have a DIY plan ready.
I agree, but I wouldn't count on things working out that well... Based on how things usually go, it seems more likely that the typical approach will be to just ignore the whole thing.
Which is exactly my thinking and reasoning, trying to have a DIY plan ready.
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 14314
Joined: 2014-07-21
Now I'll be curious to see how this works. E.g., my provider's box probably doesn't really like people flashing the firmware. I've seen routers / boxes handed out by ISP which you couldn't even find online because they seemed to be OEM parts...
So who's going to flash the firmwares? Customers, who in general barely know how to get any such devices running? The ISP over the air?