According to IoT Inspector, security experts have uncovered critical security flaws in the software developer kit that Realtek makes available to its clients. Essentially, hundreds of thousands of routers and Internet of Things devices are at risk.
Known as RTL8xxx, the potentially susceptible system-on-a-chips in issue have made their way into a wide range of consumer products, including gateways, compact routers, and Wi-Fi amplifiers, as well as smart cameras, smart lighting gateways, and even toys with Internet of Things functionality. A total of at least 65 different brands of products pose a threat to public health. Over 200 different fingerprints demonstrate that devices can be linked to the internet in a variety of ways, thanks to misconfigurations made by the manufacturers who followed the SDK’s specifications.
“There are more than a dozen individual vulnerabilities,” according to the report. In comparison to assaults such as those on Kaseya and SolarWinds, IoT Inspector believes that the scenario is similar in that obscure hardware flaws might cause huge difficulties on a greater scale. However, it is currently unknown whether or not the newly discovered vulnerabilities have been actively exploited by bad actors. Realtek has already been alerted by the researchers, and the company has already released a patch, though it is unclear whether the patch will address all of the issues. Furthermore, manufacturers have not yet distributed the patch to their own products that are affected by the bug.