Threat Encyclopedia

Realtek.eCOS.SDK.CVE-2022-27255.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a Buffer Overflow Vulnerability in Realtek eCos devices.
The vulnerability is caused by an error when the vulnerable software handles a crafted SIP packet that contains malicious SDP data. A remote attacker can exploit this vulnerability by sending specially crafted SDP data to the target server. Successful exploitation can lead to Denial-of-Service and likely remote code execution.

affected-products-logoAffected Products

Realtek eCos RSDK 1.5.7p1
Realtek eCos MSDK 4.9.4p1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2022-27255.pdf

CVE References

CVE-2022-27255

Telemetry logoTelemetry