Ukuba sengozini kumadivayisi asuselwa ku-Realtek SoC evumela ukwenziwa kwekhodi ngokuthumela iphakethe le-UDP

Abacwaningi abavela ku-Faraday Security bethule imininingwane yenkomfa ye-DEFCON yokuxhashazwa kokuba sengozini okubalulekile (CVE-2022-27255) ku-SDK yama-chips e-Realtek RTL819x, okukuvumela ukuthi usebenzise ikhodi yakho kudivayisi ngokuthumela iphakethe le-UDP eliklanywe ngokukhethekile. Ukuba sengozini kuyaphawuleka ngoba kukuvumela ukuthi uhlasele amadivaysi akhubaze ukufinyelela kuhleloxhumano lwewebhu lwamanethiwekhi angaphandle - ukuthumela iphakethe elilodwa le-UDP kwanele ukuhlasela.

Ukuba sengozini kuthinta amadivayisi asebenzisa izinguqulo ezisengozini ye-Realtek SDK, okufaka phakathi i-eCos RSDK 1.5.7p1 ne-MSDK 4.9.4p1. Izibuyekezo ze-eCos SDK ezilungisa ukuba sengozini zishicilelwe yi-Realtek ngomhla ka-25 Mashi. Okwamanje akukacaci ukuthi imaphi amadivayisi athintwe inkinga - i-Realtek RTL819x SoC isetshenziswa kumarutha enethiwekhi, izindawo zokufinyelela, izikhulisa-msindo ze-Wi-Fi, amakhamera e-IP, amadivayisi we-inthanethi Yezinto namanye amadivayisi enethiwekhi avela kubakhiqizi abangaphezu kuka-60, okuhlanganisa i-Asus. , A-Link, Beeline, Belkin , Buffalo, D-Link, Edison, Huawei, LG, Logitec, MT-Link, Netgear, Smartlink, UPVEL, ZTE kanye neZyxel.

Izibonelo zemisebenzi yokuthola ukufinyelela okukude kudivayisi nokwenza imiyalo sezivele zishicilelwe esidlangalaleni, kusetshenziswa isibonelo sokuhlaselwa kwerutha ye-Nexxt Nebula 300 Plus. Ukwengeza, izinsiza zokuhlaziya i-firmware yokuba sengozini zishicilelwe.

Njengoba kunikezwe izinkinga zokulungiselela nokulethwa kanye nezibuyekezo ze-firmware zamadivayisi asekhishiwe, kulindeleke ukuthi ukuhlaselwa okuzenzakalelayo nezikelemu kuzovela maduze okuthinta amadivayisi enethiwekhi asengozini. Ngemva kokuhlasela okuphumelelayo, amadivaysi athintekile angasetshenziswa abahlaseli, isibonelo, ukwenza ama-botnets, ukwethula izicabha ezingemuva ukuze ushiye i-backdoor kunethiwekhi yangaphakathi yebhizinisi, ukunqanda ithrafikhi yezokuthutha noma ukuyiqondisa kabusha kumsingathi wangaphandle.

Ukuba sengozini kubangelwa ukuchichima kwebhafa kumojuli ye-SIP ALG (SIP Application Layer Gateway), esetshenziselwa ukuhlela ukudluliselwa kwamaphakethe e-SIP ngemva komhumushi wekheli. Inkinga ibangelwa ukushoda kokuhlola usayizi wangempela wedatha etholiwe, okuholela ekubhaleni phezu kwememori ngaphandle kwebhafa elungisiwe lapho i-strcpy ibizwa ngenkathi icubungula amaphakethe e-SIP. Ukuhlasela kungenziwa ngokuthumela iphakethe le-UDP elinamanani enkundla angalungile kubhulokhi yedatha ye-SDP noma unhlokweni wephrothokholi ye-SIP. Ukuze usebenze, kwanele ukuthumela iphakethe elilodwa embobeni ye-UDP engafanele yesixhumi esibonakalayo se-WAN.

Njengendlela yokusebenza ukuze uvikeleke, kunconywa ukuvimba amaphakethe e-UDP ngomlayezo we-SIP othi β€œMEMA”, iyunithi yezinhlamvu β€œm=audio” kanye nosayizi omkhulu kunamabhayithi angu-128 ku-firewall noma ohlelweni lokuvimbela ukungena kwenethiwekhi. Isibonelo somthetho wokuthola imizamo yokuxhashazwa ku-IDS Snort 3: xwayisa udp noma iyiphi -> noma iyiphi (sid:1000000; \ msg: "Realtek eCOS SDK SIP Traffic Exploit CVE-2022-27255"; \ okuqukethwe: "mema"; : 6; i-nocase; \ okuqukethwe: "m=audio "; \ isdataat: 128,relative; content:!"|0d|"; ngaphakathi: 128;)

Source: opennet.ru

Thenga ukusingathwa okuthembekile kwamasayithi anokuvikelwa kwe-DDoS, amaseva e-VPS VDS πŸ”₯ Thenga ukusingathwa kwewebhusayithi okuthembekile ngokuvikelwa kwe-DDoS, amaseva e-VPS VDS | ProHoster