Realtek SDK vulnerability exploitation attempts detected (CVE-2021-35395)
2021-08-24 09:55

Threat actors are attempting to exploit CVE-2021-35395, a group of vulnerabilities in the web interface of the Realtek SDK, to spread Mirai malware to vulnerable IoT devices.

A week ago, IoT Inspector researchers released details about four CVE-numbered flaws affecting the Realtek SDK, which comes with a specific system on a chip manufactured by Taiwanese semiconductor company Realtek.

The SoC in question, the Realtek RTL819xD chipset, is found in many embedded devices in the IoT space.

CVE-2021-35395 exploitation attempts have been flagged by Israeli network security company SAM Seamless Network, which detected them via their home security solution.

"Specifically, we noticed exploit attempts to 'formWsc' and 'formSysCmd' web pages. The exploit attempts to deploy a Mirai variant detected in March by Palo Alto Networks," Omri Mallis, the company's Chief Product Architect, shared.

SAM's researchers have analyzed anonymously collected network data from more than 2 million home and business networks, and found that a Wi-Fi extender by Netic and two routers by Edimax and Repotec are the most common devices with the Realtek SDK. Users of IoT devices would do well to check the list of affected manufacturers and device models to see whether their devices are vulnerable, and then whether the manufacturers have already provided a patch.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/MwBoRwrKWUA/

Related Vulnerability

DATE | CVE | VULNERABILITY TITLE | RISK
2021-08-16 | CVE-2021-35395 | Unspecified vulnerability in Realtek Jungle SDK | critical, 9.8
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point.
network | low complexity | realtek

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Realtek 40 1 11 43 8 63