Zero-Click Vulnerabilities: Are Your Phone and Router at Risk?

Recently, security researchers have discovered a widespread vulnerability that could allow hackers to remotely control many commonly used brands of mobile phones and routers. This vulnerability affects brands such as Ubiquiti, Xiaomi, and Netgear, as well as devices that use MediaTek Wi-Fi chips. Let’s explore how this vulnerability threatens the security of your devices.

What is a Zero-Click Vulnerability?

A zero-click vulnerability is a highly dangerous flaw that allows hackers to remotely attack your device without any action required from you, such as clicking a link or opening an attachment. This means that as long as your device is connected to the internet, you could become a target for attacks without even realizing it.

The recently discovered vulnerability is designated CVE-2024-20017, with a severity score of 9.8 (out of 10), nearly reaching the highest level of risk. This vulnerability affects MediaTek Wi-Fi chipsets and some router drivers, with proof-of-concept (PoC) code already made public, indicating that hackers can exploit this flaw to launch attacks.

How Widespread is the Vulnerability?

This vulnerability primarily affects devices using MediaTek Wi-Fi chips. Many common brands of routers and mobile phones could be impacted, including:

  • Xiaomi
  • Ubiquiti
  • Netgear

Additionally, devices running specific firmware versions, such as OpenWrt 19.07 and 21.02, or using MediaTek SDK version 7.4.0.1 or earlier, are also at risk.

How Does the Vulnerability Work?

From a technical standpoint, this vulnerability is an “out-of-bounds write” issue. Essentially, a flaw in the way the device processes data allows attackers to remotely write malicious code through a network daemon called wappd. wappd is responsible for managing wireless interfaces and access points, and hackers can exploit this vulnerability to tamper with data and take control of the device.

Due to the nature of the vulnerability, attackers can send specially crafted data packets that bypass the system's security checks and execute code directly on the device. This allows them to gain control of the device without any user interaction.
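
To make the “out-of-bounds write” idea concrete, here is an added example (not code from wappd, MediaTek, or the original article) of a packet parser that refuses to trust a length chosen by the sender. The message layout and every name in it are hypothetical, and the sample packets are constructed for the illustration.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical wire format for illustration (not wappd's real layout):
 *   byte 0      message type
 *   bytes 1-2   payload length, big-endian, chosen by the sender
 *   bytes 3..   payload
 */
#define HDR_LEN     3
#define PAYLOAD_MAX 64

struct msg {
    uint8_t type;
    size_t  len;
    uint8_t payload[PAYLOAD_MAX];
};

/* Returns 0 on success, -1 if the packet must be dropped. */
int parse_msg(const uint8_t *pkt, size_t pkt_len, struct msg *out)
{
    if (pkt == NULL || out == NULL || pkt_len < HDR_LEN)
        return -1;                       /* truncated header */

    size_t claimed = ((size_t)pkt[1] << 8) | pkt[2];

    /* The out-of-bounds write pattern is to copy `claimed` bytes here
     * without checking it. These two checks keep the copy inside both
     * the destination buffer and the received packet. */
    if (claimed > sizeof(out->payload))
        return -1;                       /* would overflow destination */
    if (claimed > pkt_len - HDR_LEN)
        return -1;                       /* would read past the packet */

    out->type = pkt[0];
    out->len  = claimed;
    memcpy(out->payload, pkt + HDR_LEN, claimed);
    return 0;
}

/* Constructed sample packets: one well-formed, one with an inflated length. */
static const uint8_t GOOD_PKT[] = { 0x01, 0x00, 0x04, 'p', 'i', 'n', 'g' };
static const uint8_t BAD_PKT[]  = { 0x01, 0x01, 0x00, 'p', 'i', 'n', 'g' };

int main(void)
{
    struct msg m;
    return (parse_msg(GOOD_PKT, sizeof GOOD_PKT, &m) == 0 &&
            parse_msg(BAD_PKT, sizeof BAD_PKT, &m) == -1) ? 0 : 1;
}
```

The second packet claims 256 bytes of payload while carrying four, so the parser drops it instead of copying past the 64-byte buffer.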

How to Protect Yourself?

Researchers from SonicWall Capture Labs have advised affected users to apply patches promptly to mitigate potential risks. MediaTek has released fixes for the affected SDK versions, and users should update their device firmware or system software to ensure protection.

Tips for Protecting Your Devices:

  1. Keep Device Firmware and Software Updated: Regularly check for updates on your phone, router, or other smart devices, and promptly install security patches released by manufacturers.
  2. Enable Automatic Updates: Ensure that your devices automatically receive and install the latest updates to address newly discovered vulnerabilities.
  3. Stay Informed About Device Security Advisories: Keep an eye on the manufacturer's official website or channels for the latest security advisories to stay updated on potential risks.

Final Reminder

Even if you’re not tech-savvy, keeping your devices updated is the simplest and most effective way to protect your personal information. The emergence of zero-click vulnerabilities reminds us that cybersecurity is a concern for everyone. By updating promptly and practicing good security habits, you can significantly reduce the risk of attacks and safeguard your devices and data.

Security starts with the little things.