Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks


Realtek, a Taiwanese semiconductor maker, has an important vulnerability in their eCos SDK that might make many vendors’ networking products vulnerable to remote assaults.

The security flaw, identified as CVE-2022-27255 and classified as “high severity,” has been defined as a stack-based buffer overflow that might enable a remote attacker to crash or execute arbitrary code on devices using the SDK. Using specifically constructed SIP packets, an attack can be launched across the WAN interface. Read More…