Wired
A vulnerability was found in a Realtek chip widely used in network equipment such as routers, and its contents were made public.
Millions of units are expected to be affected, including products from Buffalo and ASUS, which also sell products in Japan.
Vulnerability that can be attacked with only IP address information
This vulnerability was discovered by a student at the University of Buenos Aires.
The severity score is as high as 9.8 out of 10, and attacks can be made using only the IP address information of the external connection side of the network device.
By attacking
- crash network equipment
- execute arbitrary code
- back door
- intercept communications
such as may be affected.
Manufacturers like Buffalo, ASUS, Belkin Affected
Products equipped with ‘RTL819x’, a chip in which vulnerabilities have been discovered, include those manufactured by manufacturers such as Buffalo, ASUS, and Belkin that sell network equipment such as routers in Japan.
Realtek released a patch for this vulnerability in March 2022.
However, this vulnerability affects millions of network devices, and it is unlikely that the patch will be applied to all devices.
Network equipment from manufacturers other than those listed in this article may also use this chip, so it’s a good idea to check your router for any missing updates.
Source: BleepingComputer
(Hauser)
Source: iPhone Mania