Alarming Wi-Fi Chipset Bug A Security Risk For Millions Of Game Consoles, Laptops, Routers And Other Devices
Most of the security vulnerabilities we write about at HotHardware fortunately won't affect the vast majority of readers. Either these exploits require user interaction to kick-start, or you have to be of particular interest as a target for someone to go through the effort of executing more complex attacks against you or your devices. But then there are those vulnerabilities that could impact any of us at any time, and worse, can be exploited with the ultimate of ease.
Embedi is a security firm that focuses on embedded devices and operating systems (hence the name). Through its research efforts, the company discovered some serious issues with the firmware of the widely-used ThreadX RTOS (real-time operating system). ThreadX is used on such wireless adapters as the Marvell Avastar 88W8897 Wi-Fi chip, which is employed in a wide swath of devices all over the market, in game consoles (including Xbox One and PlayStation 4), TV set top boxes, media servers, wireless routers, access points and more.
There are a few bugs that have been ousted here, but the most interesting of them all is a block pool overflow that requires interaction from the victim to exploit. This is thanks to a built-in function in ThreadX which will scan for new wireless networks every five minutes. If a network with malicious packets is picked up, then the bug gets exploited, and the desired code gets executed. Ultimately, this results in a compromised device, one where the attacker could gain full access.
Here's an example of an attack taking place...
Unfortunately, there doesn't seem to be a blanket fix for this security threat vector, but firmware can of course be updated to remedy the issue. However, it's not entirely clear how often the firmware on preexisting devices actually gets updated. While Microsoft Xbox and Sony PlayStation get regular updates, including new versions of software, do those updates also have the capabilities to flash firmware to a network device? We'd hope so, but if not, we can instead hope for a second solution that wouldn't bring about some other caveat.
This unfortunately seems like the type off bug where we'd hope for some quick answers from impacted device makers. Many of us own not just one affected device, but multiple (even some Microsoft Surface laptops are impacted). This is also the kind of wide-spread issue that highlights some of the risks of being so digitally connected. Many of us own this Marvell network adapter without even realizing it, and we now find out that it has some major vulnerabilities. These days, security breaches and exploits are far too commonplace. Security, intrusion detection and prevention are truly the new frontier.