Attackers Actively Exploiting Realtek SDK Flaws

Threat actors zeroing in on command injection vulnerabilities reported in Realtek chipsets just days after multiple flaws were discovered in the software developers kits (SDK) deployed across at least 65 separate vendors.

On Aug. 16 multiple Realtek vulnerabilities were disclosed by IoT Inspector Research Lab. It took about 48 hours for attackers to start trying to exploit them. SAM Seamless Network reported two days after the bugs were made public, attackers made “multiple” attempts breach the company’s Secure Home product to spread a new version of Mirai malware.

Read more…
Source: ThreatPost