Recently, security experts have detected critical vulnerabilities in the Realtek RTL8195A Wi-Fi module that could be exploited by attackers to take complete control of a device’s wireless communications.
Realteks’s RTL8195A module is a low-powered, standalone, compact Wi-Fi hardware module used for embedded devices used in several industries such as agriculture, smart home, healthcare, gaming, and automotive sectors. The module has supported software from a number of large vendors such as Google, Samsung, and Amazon.
Researchers at Israeli IoT security firm Vdoo reported about six major vulnerabilities detected in the Realteks’s RTL8195A module. It is believed that if attackers are able to exploit these vulnerabilities present in the module, they will be able to gain access to the Wi-Fi module, and possibly the application processor too. Although the vulnerabilities were only found on RTL8195A, the researchers at Vdoo said they extend to other modules also including RTL8711AM, RTL8711AF, and RTL8710AF.
However, Realtek has already released Ameba Arduino 2.0.8 with patches for all the six vulnerabilities found by Vdoo. Moreover, firmware versions released after April 21, 2020, already come with the necessary protections to avoid such takeover attacks. Hence experts believe that the issue will be resolved very soon.