Divas Unlimited Inc

Atlanta's Elite Fashion and Entertainment Consultants

WiFi firmware bug affects laptops, smartphones, routers, gaming devices

Details have been published today about a vulnerability affecting the firmware of a popular WiFi chipset deployed in a wide range of devices, such as laptops, smartphones, gaming rigs, routers, and Internet of Things (IoT) devices.

Discovered by Embedi researcher Denis Selianin, the vulnerability impacts the firmware of Marvell Avastar 88W8897, one of the most popular WiFi chipsets on the market, currently deployed in devices such as Sony PlayStation 4, Xbox One, Microsoft Surface laptops, Samsung Chromebooks, Samsung Galaxy J1 smartphones, and Valve SteamLink cast devices, just to name a few.

In a report published today, Selianin described how someone could exploit the Avastar firmware (based on a custom implementation of the ThreadX real-time operating system) to execute malicious code without any user interaction.

"I've managed to identify ~4 total memory corruption issues in some parts of the firmware," said Selianin. "One of the discovered vulnerabilities was a special case of ThreadX block pool overflow. This vulnerability can be triggered without user interaction during the scanning for available networks."

The researcher says the firmware function to scan for new WiFi networks launches automatically every five minutes, making exploitation trivial. All an attacker has to do is send malformed WiFi packets to any device with a Marvell Avastar WiFi chipset and wait until the function launches, to execute malicious code and take over the device.

"That's why this bug is so cool and provides an opportunity to exploit devices literally with zero-click interaction at any state of wireless connection (even when a device isn't connected to any network)," Selianin said.
