It has been reported that major vulnerabilities have been discovered in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take complete control of a device’s wireless communications. The six flaws were reported by researchers from Israeli IoT security firm Vdoo. The Realtek RTL8195A module is a standalone, low-power-consumption Wi-Fi hardware module targeted at embedded devices used in several industries such as agriculture, smart home, healthcare, gaming, and automotive sectors. It also makes use of an “Ameba” API, allowing developers to communicate with the device via Wi-Fi, HTTP, and MQTT, a lightweight messaging protocol for small sensors and mobile devices.
<p>Vulnerabilities in embedded devices are problematic due to their potential for being invasive in environments and having little functionality for end-users to manage coordinated updates, as many devices are ‘blackboxes’ of components pulled together to perform a single job. Depending on the device function there could be hundreds of devices, if not more, running vulnerable hardware modules. As a result, it is good practice to treat IoT devices as insecure by default and build controls around them to minimise risk. In this case, for example, it is difficult to know what devices have the vulnerable Realtek WiFi module within them. Consequently, it can be impossible for end-users to know if they need to update their device. This pushes the responsibility to the device vendor using the Realtek module to produce an update that installs the updated module firmware to any affected devices and ultimately ensure the device in question can accept a firmware update via some form of update mechanism. It looks like the most serious of the vulnerabilities released in the Realtek 8195A module do not require knowledge of the WiFi password to exploit and thus use affected devices to gain access to networks containing the device. Therefore, if possible, it is recommended to install any available firmware updates and ensure network-level controls are in place to minimise the risk of the device being used as a stepping-stone into a wider environment.</p>