D-Link Forums

Announcements => Security Advisories => Topic started by: GreenBay42 on October 19, 2021, 08:33:46 AM

Title: Realtek Chipset RTL8xxx SDK Vulnerabilities
Post by: GreenBay42 on October 19, 2021, 08:33:46 AM
Visit https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10253 (https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10253) for affected products and firmware patches.

Overview

On August 16, 2021, D-Link became aware of the public disclosure from IoT Inspector of multiple security vulnerabilities in the Realtek Chipset RTL8xxx software development kit (SDK).

Realtek chipsets are found in many embedded devices in the IoT space. RTL8xxx SoCs which provide wireless capabilities are very common. We therefore decided to spend time identifying binaries running on the RTL819xD on our target device, which expose services over the network and are provided by Realtek themselves. Such binaries are packaged as part of the Realtek SDK, which is developed by Realtek and provided to vendors and manufacturers who use the RTL8xxx SoCs.

D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures.

D-Link is investigating these reported security issues and if any D-Link Brand WiFi products are affected by these vulnerable.  The latest information regarding this security vulnerability is below. D-Link recommends checking back regularly and keep your device(s) up to date.