Vulnerabilities > Realtek
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-03 | CVE-2020-25857 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service. | 7.5 |
| 2021-02-03 | CVE-2020-25856 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 8.1 |
| 2021-02-03 | CVE-2020-25855 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for a memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 8.1 |
| 2021-02-03 | CVE-2020-25854 | Out-of-bounds Write vulnerability in Realtek Rtl8195A Firmware The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. | 8.1 |
| 2021-02-03 | CVE-2020-25853 | Out-of-bounds Read vulnerability in Realtek Rtl8195A Firmware The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, _rt_md5_hmac_veneer() or _rt_hmac_sha1_veneer(), resulting in a stack buffer over-read which can be exploited for denial of service. | 7.5 |
| 2020-09-30 | CVE-2019-18990 | Authentication Bypass by Spoofing vulnerability in Realtek products A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. | 5.4 |
| 2020-07-06 | CVE-2020-9395 | Out-of-bounds Write vulnerability in Realtek products An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. | 8.0 |
| 2020-06-08 | CVE-2020-12773 | Unspecified vulnerability in Realtek Adsl Router SOC Firmware A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the build-in network monitoring tool. | 8.8 |
| 2020-02-12 | CVE-2019-11867 | NULL Pointer Dereference vulnerability in Realtek Ndis 10.1.505.2015 Realtek NDIS driver rt640x64.sys, file version 10.1.505.2015, fails to do any size checking on an input buffer from user space, which the driver assumes has a size greater than zero bytes. | 5.5 |
| 2020-01-27 | CVE-2019-19823 | Insufficiently Protected Credentials vulnerability in multiple products A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. | 7.5 |