Vatsvagiri kubva kuFaraday Security vakaunzwa kumusangano weDEFCON ruzivo rwekushandiswa kwekusagadzikana kwakanyanya (CVE-2022-27255) muSDK yeRealtek RTL819x chips, iyo inokutendera kuti uite kodhi yako pachishandiso nekutumira yakanyatsogadzirirwa UDP pakiti. Kusagadzikana kwacho kunoonekwa nekuti kunokubvumidza kuti urwise zvishandiso zvatadza kupinda pawebhu interface kune ekunze network - kungotumira imwe UDP pakiti inokwana kurwisa.
Kusagadzikana uku kunokanganisa zvishandiso zvinoshandisa vhezheni dzisina njodzi dzeRealtek SDK, kusanganisira eCos RSDK 1.5.7p1 uye MSDK 4.9.4p1. eCos SDK zvigadziriso zvinogadzirisa kusagadzikana zvakaburitswa neRealtek munaKurume 25. Izvo hazvisati zvanyatsojeka kuti ndezvipi zvishandiso zvinokanganiswa nedambudziko - iyo Realtek RTL819x SoC inoshandiswa mune network routers, nzvimbo dzekuwana, Wi-Fi amplifiers, IP kamera, Internet yezvinhu zvishandiso uye zvimwe zvishandiso zvetiweki kubva kune vanopfuura makumi matanhatu vanogadzira, kusanganisira Asus. , A-Link, Beeline, Belkin , Buffalo, D-Link, Edison, Huawei, LG, Logitec, MT-Link, Netgear, Smartlink, UPVEL, ZTE uye Zyxel.
Mienzaniso yezviitiko zvekuwana kure kure kune mudziyo uye kuita mirairo uchishandisa muenzaniso wekurwiswa kweNexxt Nebula 300 Plus router zvakatoburitswa munzvimbo yeruzhinji. Pamusoro pezvo, zvishandiso zvekuongorora firmware zvekusagadzikana zvakaburitswa.
Tichifunga nezvematambudziko nekugadzirira uye kuendesa uye firmware zvigadziriso zvezvishandiso zvakatoburitswa, zvinotarisirwa kuti otomatiki kurwiswa nehonye zvichakurumidza kuoneka zvinokanganisa network network. Mushure mekurwisa kwakabudirira, zvishandiso zvakakanganisika zvinogona kushandiswa nevanorwisa, semuenzaniso, kugadzira botnets, kusuma madoor kuti asiye backdoor mukati metiweki yemukati yebhizinesi, kuvharira traffic yekufambisa kana kuiendesa kune wekunze.
Kusagadzikana uku kunokonzerwa nekufashukira kwebhafa muSIP ALG (SIP Application Layer Gateway) module, inoshandiswa kuronga kutumirwa kweSIP mapaketi kuseri kwemuturikiri wekero. Nyaya yacho inokonzerwa nekushaikwa kwekutarisa kwehukuru chaihwo hwe data yakagamuchirwa, izvo zvinoguma nekuwedzeredza ndangariro kunze kweiyo yakagadziriswa buffer apo strcpy inodanwa uchigadzira SIP mapaketi. Kurwiswa kwacho kunogona kuitwa nekutumira UDP pakiti ine zvisirizvo zvemunda kukosha muSDP data block kana SIP protocol musoro. Kuti ushande, zvakakwana kutumira pakiti imwe kune inopokana UDP port yeWAN interface.
Sechishandiso chekudzivirira, zvinokurudzirwa kuvhara pane firewall kana network intrusion kudzivirira system UDP mapaketi ane SIP meseji "INVITE", tambo "m = audio" uye saizi yakakura kupfuura 128 bytes. Muenzaniso mutemo wekuona kuedza kushandiswa muIDS Snort 3: yambiro udp chero ipi -> chero ipi (sid:1000000; \ msg: "Realtek eCOS SDK SIP Traffic Exploit CVE-2022-27255"; \ zvirimo: "koka" kudzika; : 6; nocase; \ content: "m=audio "; \ isdataat: 128,relative; content:!"|0d|"; mukati: 128;)
Source: opennet.ru
