In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
References
Link | Resource |
---|---|
https://forum.defcon.org/node/241835 | Third Party Advisory |
https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2022-27255.pdf | Vendor Advisory |
Configurations
History
30 Sep 2022, 19:49
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://forum.defcon.org/node/241835 - Third Party Advisory |
02 Sep 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
08 Aug 2022, 13:34
Type | Values Removed | Values Added |
---|---|---|
First Time |
Realtek ecos Msdk Firmware
Realtek ecos Msdk Realtek ecos Rsdk Firmware Realtek ecos Rsdk Realtek |
|
References | (MISC) https://source.android.com/security/bulletin/2022-06-01 - Not Applicable | |
References | (MISC) https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2022-27255.pdf - Vendor Advisory | |
CPE | cpe:2.3:h:realtek:ecos_msdk:-:*:*:*:*:*:*:* cpe:2.3:h:realtek:ecos_rsdk:-:*:*:*:*:*:*:* cpe:2.3:o:realtek:ecos_msdk_firmware:4.9.4p1:*:*:*:*:*:*:* cpe:2.3:o:realtek:ecos_rsdk_firmware:1.5.7p1:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-20 |
01 Aug 2022, 13:39
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-01 12:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-27255
Mitre link : CVE-2022-27255
CVE.ORG link : CVE-2022-27255
JSON object : View
Products Affected
realtek
- ecos_rsdk_firmware
- ecos_msdk_firmware
- ecos_rsdk
- ecos_msdk
CWE
CWE-20
Improper Input Validation