Vulnerabilities Found in Wi-Fi Chipset Firmware of Popular Devices

Embedi researcher Denis Selianin discovered vulnerabilities affecting the Wi-Fi chipset firmware on popular devices such a laptops, smartphones, gaming devices, routers, and internet-of-things (IoT) devices. One of the vulnerabilities could grant threat actors the ability to execute malicious code without any user interaction during the scanning of available networks. This function launches automatically every five minutes even if a device is not connected to any network. There is no fix at the time of writing, but patches are forthcoming. The NJCCIC recommends patching systems as soon as updates become available. More details on the vulnerabilities can be found on Ionut Ilascu’s blog post here and Embedi’s website

AdvisoryNJCCICIoT