Realtek.eCOS.SDK.CVE-2022-27255.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a Buffer Overflow Vulnerability in Realtek eCos devices.
The vulnerability is caused by an error when the vulnerable software handles a crafted SIP packet that contains malicious SDP data. A remote attacker can exploit this vulnerability by sending specially crafted SDP data to the target server. Successful exploitation can lead to Denial-of-Service and likely remote code execution.

affected-products-logoAffected Products

Realtek eCos RSDK 1.5.7p1
Realtek eCos MSDK 4.9.4p1

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2022-27255.pdf

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-10-13 22.413 Default_action:pass:drop
2022-09-15 22.395 Sig Added
2022-09-01 22.385 Sig Added