
Critical vulnerabilities found in Realtek RTL8710C Wi-Fi module

Cybersecurity specialists from the information security firm Vdoo have found a number of critical vulnerabilities (CVE-2020-27301 and CVE-2020-27302) in the Realtek RTL8710C Wi-Fi module. Exploiting them allows an attacker to gain elevated privileges on a device, take complete control of the module, and potentially obtain root access to the OS.

The Realtek RTL8710C Wi-Fi module underpins Ameba, an Arduino-compatible programmable platform. It is equipped with peripheral interfaces for building a variety of IoT applications for agriculture, automotive, energy, healthcare, industry, security, and more.

The flaws affect all embedded and IoT devices that use the component to connect to Wi-Fi networks. For successful exploitation, an attacker must be on the same Wi-Fi network as the devices that use the RTL8710C module.

The WPA2 four-way handshake mechanism of the RTL8710C Wi-Fi module contains two stack-based buffer overflow vulnerabilities (CVE-2020-27301 and CVE-2020-27302). Both problems received a CVSS score of 8.0.

The specialists reported the problems they found to Realtek. Firmware versions released after January 11, 2021 contain fixes for these issues.

Source: securitylab.ru

07 June 2021
