Hello, welcome to the Thursday, June 3, 2021 edition of the Santernate Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

Let's start today with a couple of wireless vulnerabilities.

First, vulnerabilities in the Real Tech RTL 8710C module.

Now, you may not necessarily know what a Wi-Fi module is exactly in a particular device.

These modules are typically more targeted towards IoT devices.

They're sort of very lightweight and don't include some of the more sophisticated features

that you find in larger devices, even in larger portable devices.

The problem here is two stack-based buffer overflows that happen as part of the WPA2 Handshake.

These vulnerabilities were found by Voodoo, companies of specialized in that kind of thing.

Actually, back in February, they already disclosed a number of vulnerabilities in a similar module. Any device

built after January 11th should already be patched. If you have an earlier device, then you

need to apply a patch that was released by Real Tech as part of their software development kit.

So not really something for the end user to do, but the device manufacturer essentially needs

to release an updated firmware that is then loaded into the device.

The second vulnerability discovered by Trustwave does affect Huawei LTE sticks, in particular the model E3372.

These are somewhat popular in Europe, often sold on eBay, but not that commonly used in the US.

The vulnerability is actually pretty simple.

It's just bad permissions on a file on the system

that's being installed as you are starting to use this particular LTE stick. It then could be

overwritten by any user of the system and then essentially lead to privilege escalation.

What's really more notable here is that Huawei essentially didn't react to the vulnerability

...