Realtek: Security Vulnerabilities
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-08-30
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets’ reference parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-08-30
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-08-30
Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets’ link parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-08-30
In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
CVSS Score
9.8
EPSS Score
0.297
Published
2022-08-01
Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface.
CVSS Score
8.8
EPSS Score
0.014
Published
2022-07-28
Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services.
CVSS Score
6.2
EPSS Score
0.001
Published
2022-06-20
A stack buffer overflow was discovered on Realtek RTL8195AM device before 2.0.10, it exists in the client code when an attacker sends a big size Authentication challenge text in WEP security.
CVSS Score
9.8
EPSS Score
0.006
Published
2021-12-22
A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Association response frame.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-11-11
RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access to USB devices (Escalation of Privileges, Denial of Service, Code Execution, and Information Disclosure) via a crafted Device IO Control packet to a device.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-11-02