WiFi Chipset Firmware Flaw Can Lead To Pwnage In A Whole Lot Of Devices

A report from a security researcher is claiming that a vulnerability affecting the firmware of a popular WiFi chipset deployed in a wide range of devices, such as laptops, smartphones, gaming rigs, routers, and Internet of Things (IoT) devices.

Denis Selianin says that vulnerability impacts the firmware of Marvell Avastar 88W8897, one of the most popular WiFi chipsets on the market. You can find it in devices like the Sony PlayStation 4, Xbox One, Microsoft Surface laptops, Samsung Chromebooks, Samsung Galaxy J1 smartphones, and Valve SteamLink cast devices, just to name a few.

Selianin described how someone could exploit the Avastar firmware (based on a custom implementation of the ThreadX real-time operating system) to execute malicious code without any user interaction. The report contains the technical details on exploiting the vulnerability and a demo video which is below.

Proof-of-concept code has not been released at this time. But patches are in the works. Check for updates shortly on your device.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: