Remote Code Execution Vulnerability in Realtek RTL8710 and Ameba-based Devices via AES_UnWRAP Function

Remote Code Execution Vulnerability in Realtek RTL8710 and Ameba-based Devices via AES_UnWRAP Function

CVE-2020-27301 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "AES_UnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.

Learn more about our Web Application Penetration Testing UK.