A bug in a Realtek software development kit (SDK) means any third-party devices with software that uses the SDK could inherit a vulnerability in their Session Initiation Protocol (SIP) implementations.

While patched by Realtek back in March, third parties may not yet have rolled out their own patches.
Disclosed on Friday in a Defcon talk by Faraday Security’s Octavio Galland and Octavio Gianatiempo, the bug could affect any equipment that uses Realtek's RTL819x SoCs.
“Devices using firmware built around the Realtek eCOS SDK before March 2022 are vulnerable; you are vulnerable even if you do not expose any admin interface functionality; attackers may use a single UDP packet to an arbitrary port to exploit the vulnerability; and this vulnerability will likely affect routers the most, but some IoT devices built around Realtek's SDK may also be affected,” SANS Institute’s Johannes Ullrich summarised.
The CVE ticket adds: “In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP [Session Description Protocol] data has a stack-based buffer overflow.
“This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.”
The crafted packet could be as simple as ‘m=audio 49170’ followed by the letter ‘a’ repeated 256 times, the researchers explained in their Defcon paper.
The resulting crash left the attackers with root access to their target device, a Nexxt Nebula 300 Plus wireless router, via telnet.
Ullrich advises sysadmins to make sure their firmware is up-to-date, in case their vendor has released a fix.
For mitigation, he suggests blocking UDP requests at the perimeter. He warned: “This isn’t easy, and you must be careful not to block anything critical”.
However, Ullrich wrote, only unsolicited inbound traffic need be blocked.
“Protocols like gaming and some VoIP systems may give you a more difficult time with rules like this.
“For VoIP, you may be able to allowlist your VoIP provider.”
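
A defensive check for the packet shape described above, added here as an example and not taken from the researchers, Realtek or SANS: it scans a UDP payload arriving on any port for SDP media (`m=`) lines and flags those that are over-long or do not follow the RFC 4566 layout. The 128-byte limit, the function name and both sample payloads are assumptions constructed for illustration.

```python
import re

# Assumption: longest m= line tolerated before flagging. Ordinary SDP media
# lines are far shorter; tune this for your own traffic.
MAX_MEDIA_LINE = 128

# RFC 4566 media line: m=<media> <port>[/<count>] <proto> <fmt> [<fmt> ...]
MEDIA_RE = re.compile(rb"^m=([A-Za-z0-9.+_-]+) (\d{1,5})(?:/\d+)? (\S+)((?: \S+)+)$")


def inspect_udp_payload(payload: bytes) -> list:
    """Return findings for SDP media lines in one UDP payload.

    The payload is scanned regardless of destination port and does not have
    to be a complete SIP message.
    """
    findings = []
    for line in re.split(rb"\r?\n", payload):
        if not line.startswith(b"m="):
            continue
        shown = line[:32].decode("ascii", "replace")
        if len(line) > MAX_MEDIA_LINE:
            findings.append(f"over-long media line ({len(line)} bytes): {shown}...")
            continue
        match = MEDIA_RE.match(line)
        if match is None:
            findings.append(f"malformed media line: {shown}")
        elif int(match.group(2)) > 65535:
            findings.append(f"media port out of range: {shown}")
    return findings


# Constructed sample: an ordinary SIP INVITE carrying a well-formed SDP body.
BENIGN = (b"INVITE sip:bob@example.invalid SIP/2.0\r\n"
          b"Content-Type: application/sdp\r\n\r\n"
          b"v=0\r\nc=IN IP4 192.0.2.10\r\nm=audio 49170 RTP/AVP 0 8\r\n")

# Constructed sample: a media line padded with filler, the shape the
# article describes.
OVERLONG = b"v=0\r\nm=audio 49170" + b"x" * 256 + b"\r\n"

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN), ("overlong", OVERLONG)):
        print(name, inspect_udp_payload(sample))
```
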