The IoT has long been thought to be full of gaping vulnerabilities for attackers to exploit, and that is now becoming a reality: two recent vulnerability disclosures say millions of IoT devices could be at risk, allowing attackers to spy on organizations or completely control affected devices.
IoT Inspector was the first to disclose a series of vulnerabilities in the Realtek SDK, which it says affects “hundreds of thousands of devices down the supply chain,” including routers, Wi-Fi repeaters, IP cameras, smart lighting gateways and other connected devices.
At least 65 vendors have products that are exposed to more than a dozen vulnerabilities, including command injection and memory corruption affecting UPnP, HTTP and a custom network service from Realtek.
Exploiting those vulnerabilities could allow a remote attacker to fully compromise the device and execute arbitrary code with the highest level of privilege, according to IoT Inspector.
Notable vendors include Netgear, Logitech, Belkin, Realtek, ZTE, LG International, D-Link and more, IoT Inspector says.
Here’s more from IoT Inspector:
Over the course of a research project focusing on a specific cable modem, we identified that the system was using a dual-SoC design. The main SoC was running a Linux system, while the second SoC – a dedicated Realtek RTL819xD chipset implementing all the access point functions – was found to be running another, stripped-down Linux system from Realtek.
Realtek chipsets are found in many embedded devices in the IoT space. RTL8xxx SoCs – which provide wireless capabilities – are very common. We therefore decided to spend time identifying binaries running on the RTL819xD on our target device, which expose services over the network and are provided by Realtek themselves. Such binaries are packaged as part of the Realtek SDK, which is developed by Realtek and provided to vendors and manufacturers who use the RTL8xxx SoCs.
Supported by IoT Inspector’s firmware analysis platform, we performed vulnerability research on those binaries and identified more than a dozen vulnerabilities – ranging from command injection to memory corruption affecting UPnP, HTTP (management web interface), and a custom network service from Realtek.
IoT Inspector cited recent supply chain attacks leveraging SolarWinds and Kaseya, but said attacks leveraging IoT devices are far less complicated.
The company said insufficient secure software development practices allowed these critical issues to remain, manufacturers don’t validate the security of their supply chain, and the cybersecurity community failed to link previously discovered issues to these vulnerabilities.