Monday, September 23, 2024

Critical Flaws in Microchip ASF and MediaTek Wi-Fi Chipsets Pose Serious Security Risks


Two critical vulnerabilities have been disclosed in recent weeks. One, affecting the Microchip Advanced Software Framework (ASF), could lead to remote code execution; the other, affecting MediaTek Wi-Fi chipsets, is a zero-click flaw that requires no user interaction.

Microchip ASF: A Stack-Based Overflow Vulnerability

The vulnerability in ASF, tracked as CVE-2024-7490, has been assigned a CVSS score of 9.5, highlighting its severity. The issue stems from a lack of input validation in ASF's implementation of the tinydhcp server, making it susceptible to a stack-based overflow.

"A specially crafted DHCP request can trigger the vulnerability, causing a stack overflow that could lead to remote code execution," warns the CERT Coordination Center (CERT/CC).

While the software is no longer supported, its widespread use in IoT-centric code makes CVE-2024-7490 a significant concern. The vulnerability affects ASF 3.52.0.2574 and all prior versions. Furthermore, multiple forks of the tinydhcp software are also likely vulnerable.

MediaTek Wi-Fi Chipsets: A Zero-Click Vulnerability

The MediaTek vulnerability, CVE-2024-20017, is equally concerning, with a CVSS score of 9.8. It allows for remote code execution without any user interaction, making it a zero-click vulnerability. The flaw is due to an out-of-bounds write issue in MediaTek's Wi-Fi chipset software.

"The vulnerability is a buffer overflow caused by taking a length value directly from attacker-controlled packet data without bounds checking, leading to an out-of-bounds write," explains SonicWall Capture Labs, which discovered the flaw.

This issue affects MediaTek SDK versions 7.4.0.1 and earlier, as well as OpenWrt 19.07 and 21.02. This translates to a wide range of vulnerable devices, including routers and smartphones.
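
The length validation whose absence the SonicWall quote describes, applied here to a DHCP options field because the ASF flaw is reached through a DHCP request. This is an added example, not code from ASF, tinydhcp or the MediaTek SDK; the function name `dhcp_get_option` and the sample byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define OPT_PAD 0   /* one-byte padding option, no length field */
#define OPT_END 255 /* end-of-options marker */

/* Constructed sample option fields (illustrative, not captured traffic). */
static const uint8_t sample_ok[]   = {53, 1, 3, 12, 4, 'n', 'o', 'd', 'e', 255};
static const uint8_t sample_long[] = {12, 200, 'A', 'A', 255};  /* length byte lies */
static const uint8_t sample_big[]  = {12, 8, 'l','o','n','g','n','a','m','e', 255};

/* Copy the value of option `code` into out (capacity out_cap bytes).
 * Returns the value length, or -1 if the option is absent, the field is
 * malformed, or the value does not fit. The unchecked pattern would be
 * memcpy(out, opts + i, len) with len used straight from the packet. */
int dhcp_get_option(const uint8_t *opts, size_t opts_len, uint8_t code,
                    uint8_t *out, size_t out_cap)
{
    size_t i = 0;
    while (i < opts_len) {
        uint8_t c = opts[i++];
        if (c == OPT_PAD) continue;
        if (c == OPT_END) break;
        if (i >= opts_len) return -1;          /* length byte is missing */
        size_t len = opts[i++];
        if (len > opts_len - i) return -1;     /* claims more than was received */
        if (c == code) {
            if (len > out_cap) return -1;      /* would overrun the destination */
            memcpy(out, opts + i, len);
            return (int)len;
        }
        i += len;                              /* safe: len <= bytes remaining */
    }
    return -1;
}

int main(void)
{
    uint8_t host[4];  /* small fixed stack buffer, as on an embedded target */
    printf("ok:   %d\n", dhcp_get_option(sample_ok, sizeof sample_ok, 12, host, sizeof host));
    printf("long: %d\n", dhcp_get_option(sample_long, sizeof sample_long, 12, host, sizeof host));
    printf("big:  %d\n", dhcp_get_option(sample_big, sizeof sample_big, 12, host, sizeof host));
    return 0;
}
```

Both checks are needed: the first rejects a length that runs past the received data, the second rejects a well-formed value that is larger than the destination buffer.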

Mitigation and Impact

While MediaTek released a patch for CVE-2024-20017 in March 2024, the availability of a proof-of-concept (PoC) exploit since August 30, 2024, has heightened the likelihood of exploitation.

There is no fix or mitigation available for CVE-2024-7490. The only current option is to replace the tinydhcp service with an alternative that does not share the same vulnerability.

The impact of these vulnerabilities is significant, potentially allowing attackers to gain complete control over vulnerable devices. This could lead to data theft, denial-of-service attacks, and other malicious activities.

Recommendations

Given the severity of these vulnerabilities, users and manufacturers need to take immediate action to mitigate the risks.

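  • Software Updates: Users of vulnerable devices should promptly update their software to the latest versions. MediaTek's March 2024 patch addresses CVE-2024-20017; CVE-2024-7490 has no fix, so the tinydhcp service has to be replaced instead.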

  • Security Measures: Implement robust security measures, including firewalls, intrusion detection systems, and strong passwords.

  • Device Replacement: Consider replacing vulnerable devices if updates are not available or if the devices are no longer supported.

  • Vendor Communication: Stay informed about security updates and advisories from device manufacturers and vendors.

These vulnerabilities highlight the importance of continuous vigilance and proactive security measures in today's interconnected world. Both individuals and organizations need to prioritize security updates, adopt best practices, and stay informed about emerging threats to protect themselves from cyberattacks.
