Vulnerabilities > Realtek

DATE CVE VULNERABILITY TITLE RISK
2021-07-07 CVE-2021-32537 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Realtek HDA Driver
Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode.
local
low complexity
realtek CWE-119
6.5
2021-06-04 CVE-2020-27301 Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware and Rtl8710C Firmware
A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "AES_UnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.
low complexity
realtek CWE-787
7.7
2021-06-04 CVE-2020-27302 Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware and Rtl8710C Firmware
A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "memcpy" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.
low complexity
realtek CWE-787
7.7
2021-04-08 CVE-2020-23539 NULL Pointer Dereference vulnerability in Realtek Rtl8723De Firmware
An issue was discovered in Realtek rtl8723de BLE Stack <= 4.1 that allows remote attackers to cause a Denial of Service via the interval field to the CONNECT_REQ message.
network
low complexity
realtek CWE-476
7.8
2021-03-25 CVE-2021-27372 Insufficiently Protected Credentials vulnerability in Realtek Xpon Rtl9601D Software Development KIT 1.9
Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.
network
low complexity
realtek CWE-522
critical
10.0
2021-02-03 CVE-2020-25857 Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware
The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service.
network
low complexity
realtek CWE-787
5.0
2021-02-03 CVE-2020-25856 Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware
The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service.
network
realtek CWE-787
6.8
2021-02-03 CVE-2020-25855 Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware
The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for a memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service.
network
realtek CWE-787
6.8
2021-02-03 CVE-2020-25854 Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware
The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service.
network
realtek CWE-787
6.8
2021-02-03 CVE-2020-25853 Out-of-bounds Read vulnerability in Realtek Rtl8195A Firmware
The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, _rt_md5_hmac_veneer() or _rt_hmac_sha1_veneer(), resulting in a stack buffer over-read which can be exploited for denial of service.
network
low complexity
realtek CWE-125
5.0