Vulnerabilities > Realtek

DATE CVE VULNERABILITY TITLE RISK
2021-11-02 CVE-2021-36924 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool overflow (leading to Escalation of Privileges, Denial of Service, and Code Execution) via a crafted Device IO Control packet to a device.
local
low complexity
realtek CWE-367
7.8
2021-11-02 CVE-2021-36925 Unspecified vulnerability in Realtek Rtsupx USB Utility Driver 1.14.0.0
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary read or write operation from/to physical memory (leading to Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device.
local
low complexity
realtek
7.8
2021-08-16 CVE-2021-35392 Out-of-bounds Write vulnerability in Realtek Jungle SDK
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols.
network
low complexity
realtek CWE-787
7.5
2021-08-16 CVE-2021-35393 Out-of-bounds Write vulnerability in Realtek Jungle SDK
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols.
network
low complexity
realtek CWE-787
critical
9.8
2021-08-16 CVE-2021-35394 Unspecified vulnerability in Realtek Jungle SDK
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary.
network
low complexity
realtek
critical
9.8
2021-08-16 CVE-2021-35395 Unspecified vulnerability in Realtek Jungle SDK
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point.
network
low complexity
realtek
critical
9.8
2021-06-04 CVE-2020-27301 Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware and Rtl8710C Firmware
A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "AES_UnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.
low complexity
realtek CWE-787
8.0
2021-06-04 CVE-2020-27302 Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware and Rtl8710C Firmware
A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "memcpy" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.
low complexity
realtek CWE-787
8.0
2021-04-08 CVE-2020-23539 NULL Pointer Dereference vulnerability in Realtek Rtl8723De Firmware 4.1
An issue was discovered in Realtek rtl8723de BLE Stack <= 4.1 that allows remote attackers to cause a Denial of Service via the interval field to the CONNECT_REQ message.
network
low complexity
realtek CWE-476
7.5
2021-03-25 CVE-2021-27372 Insufficiently Protected Credentials vulnerability in Realtek Xpon Rtl9601D Software Development KIT 1.9
Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.
network
low complexity
realtek CWE-522
critical
9.8