Preface: In 2021, there are more than 10 billion active IoT devices.WiFi connection is part of the IoT device.It cannot lack this feature.
Background: The Realtek RTL8195AM is a highly integrated single-chip with a low-power-consumption mechanism ideal for IoT (Internet of Things) applications. It combines an ARM®Cortex™-M3 MCU, WLAN MAC, a 1T1R capable WLAN baseband /RF and NFC in a single chip. It provides useful high-speed connectivity interfaces, such as USB 2.0 host, USB 2.0 device, SDMMC HS, SDIO device, and Ethernet MII/RMII interfaces.
To get started with using MQTT, you can follow the basic example guide here for the RTL8195 development board. This example uses the MQTT protocol to allow for control of an LED over the internet. Source code for the example can be found at AmebaIoT’s GitHub repository.
Vulnerability details: A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security.
Official announcement: https://www.amebaiot.com/en/security_bulletin/cve-2021-39306/
Reference 1: In Shared Key authentication, the WEP key is used for authentication in a four-step challenge-response handshake:
1.The client sends an authentication request to the Access Point.
2.The Access Point replies with a clear-text challenge.
3.The client encrypts the challenge-text using the configured WEP key and sends it back in another authentication request.
4.The Access Point decrypts the response. If this matches the challenge text, the Access Point sends back a positive reply.
Reference 2: The access point responds by generating a sequence of characters called a challenge text for the computer.
The computer encrypts the challenge text with its WEP key and transmits the “message” back to the access point.
2 thoughts on “CVE-2021-39306 – A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10 (22nd Dec, 2021)”
Russian Foreign Minister Sergei Lavrov called the words of NATO Secretary General Jens Stoltenberg regarding Russian proposals for security guarantees in Europe inadequate. The words of the diplomat are transmitted by RIA Novosti.
“Mr. Stoltenberg, the Secretary General of the North Atlantic Alliance, constantly makes some not very adequate statements,” the Foreign Minister stressed.
Earlier, Stoltenberg stressed that a compromise between Russia and NATO on the right of Ukraine to “choose its own path” and apply for membership in the alliance is impossible. He again accused the Russian side of pulling the armed forces to the Ukrainian border.
Well done – argumentative, informative, acute. I’ll probably add this website to my list of trustworthy websites with compacom.com on top. It’s always good to have a chance to compare some sources of information to get a complete analysis.