IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hackers can exploit Realtek Wi-Fi module bug to gain root access to devices

Realtek has already patched some newer modules

Darkened image of a hacker wearing a hoodie using computing equipment

Security researchers have discovered several flaws in the Realtek RTL8195A Wi-Fi module that could allow cyber criminals to gain remote root access to the Wi-Fi module and ultimately take complete control of the device’s wireless communications.

According to a blog post by Israeli cyber security firm Vdoo, the module is a compact, low-power Wi-Fi module targeted at embedded-device users in the agriculture, automotive, energy, smart home, health care, gaming, and security industries.

The module uses Realtek’s "Ameba" API that allows developers to communicate via Wi-Fi, HTTP, mDNS, MQTT, and more.

While researchers verified the issues in only the RTL8195A module, they said the problems could extend to other modules, including the RTL8711AM, RTL8711AF, and RTL8710AF.

The most severe of the six flaws researchers found is a remote stack overflow that allows an attacker near an RTL8195 module to take it over. The attacker wouldn’t need the Wi-Fi network password (PSK), and it wouldn’t matter if the module is acting as a Wi-Fi access point or client. 

Attackers can also exploit two other flaws without knowing the PSK, and three other flaws require the network’s PSK as a prerequisite for the attack.

Researchers said any version of the module built after April 21, 2020  are not affected by the vulnerabilities, while modules built after March 3, 2020 are protected from the most severe stack overflow exploit but are still vulnerable to all other flaws and will need patching. 

Users can download an updated version of the Ameba SDK from Realtek’s website to patch systems. If users can’t update the device’s firmware, researchers advised using a strong, private WPA2 passphrase to prevent exploitation.

Stephen Kapp, CTO and founder of Cortex Insight, told ITPro that depending on the device function, there could be hundreds of devices, if not more, running vulnerable hardware modules.

“As a result, it is good practice to treat IoT devices as insecure by default and build controls around them to minimize risk.  In this case, for example, it is difficult to know what devices have the vulnerable Realtek Wi-Fi module within them,” Kapp said. 

Kapp said it could be impossible for end users to know if they need to update their device, making it the vendor’s responsibility to release an update that installs the patched firmware on the device. 

“It looks like the most serious of the vulnerabilities released in the Realtek 8195A module do not require knowledge of the Wi-Fi password to exploit and thus use affected devices to gain access to networks containing the device. Therefore, if possible, it is recommended to install any available firmware updates and ensure network-level controls are in place to minimize the risk of the device being used as a stepping-stone into a wider environment,” added Kapp.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

What is Wi-Fi 6?
wifi & hotspots

What is Wi-Fi 6?

17 May 2022
Zyxel NWA90AX review: Wi-Fi 6 at a bargain price
wifi & hotspots

Zyxel NWA90AX review: Wi-Fi 6 at a bargain price

20 Apr 2022
Ubiquiti Networks UniFi U6-LR review: A wealth of features for a very fair price
wifi & hotspots

Ubiquiti Networks UniFi U6-LR review: A wealth of features for a very fair price

4 Feb 2022
Netgear Orbi Pro Wi-Fi 6 review: Super-fast and super pricey
wifi & hotspots

Netgear Orbi Pro Wi-Fi 6 review: Super-fast and super pricey

31 Jan 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022