EEVblog Electronics Community Forum

Products => Computers => Security => Topic started by: madires on January 26, 2023, 02:50:23 pm

Title: Update on CVE-2021-35394 (Realtek Jungle SDK)
Post by: madires on January 26, 2023, 02:50:23 pm

Do you remember CVE-2021-35394 (Realtek Jungle SDK) which affected tons of WiFI routers? If not, please see: Advisory: Multiple issues in Realtek SDK affect hundreds of thousands of devices down the supply chain (https://onekey.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain/). This vulnerability is still actively exploited: Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats (https://unit42.paloaltonetworks.com/realtek-sdk-vulnerability/).

It's sad to see so many unpatched routers still in service.