Ethical Hacking News
A critical vulnerability has been identified in the Wi-Fi Alliance's Wi-Fi Test Suite, a tool used for development and certification testing purposes. This vulnerability allows an unauthenticated local attacker to execute arbitrary commands with root privileges on affected devices, posing significant risks to network security.
The Wi-Fi Alliance has issued a statement regarding a critical vulnerability in its Wi-Fi Test Suite (CVE-2024-41992). An unauthenticated local attacker can exploit the vulnerability by sending specially crafted packets, enabling execution of arbitrary commands with root privileges. The vulnerability was discovered in April 2024 and affects multiple vendors' products that contain the vulnerable code. Fixes are available for Bouygues Telecom devices, but not all vendors have received notifications from the Wi-Fi Alliance. Vendors are advised to update their products to version >=9.0 or remove them entirely from production devices to reduce risk of exploitation.
Wi-Fi Alliance has issued a statement regarding a critical vulnerability in its Wi-Fi Test Suite, a tool designed for development and certification testing purposes. The vulnerability, identified as CVE-2024-41992, allows an unauthenticated local attacker to exploit the Wi-Fi Test Suite by sending specially crafted packets, enabling the execution of arbitrary commands with root privileges on affected devices.
The vulnerability was discovered in April 2024, and since then, multiple vendors have notified the Wi-Fi Alliance about their products that contain the vulnerable code. These vendors include Bouygues Telecom, which has confirmed that they have deployed a fix on all of their equipment. However, not all vendors have received statements from the Wi-Fi Alliance regarding this vulnerability.
The Wi-Fi Test Suite is an open-source tool designed for development and certification testing purposes. It was created by the Wi-Fi Alliance to support the development of certification programs and device certification. However, it has been discovered in commercial router deployments, exposing a vulnerability in the test code used in production environments.
This flaw allows an unauthenticated local attacker to exploit the Wi-Fi Test Suite by sending specially crafted packets, enabling the execution of arbitrary commands with root privileges on affected devices. This means that an attacker who successfully exploits this vulnerability can gain full administrative control over the device, allowing them to modify system settings, disrupt critical network services, or reset the device entirely.
The impact of this vulnerability is significant, as it can result in service interruptions, compromise of network data, and potential loss of service for all users dependent on the affected network. Therefore, it is crucial that vendors who have included the Wi-Fi Test Suite in their products update them to version >=9.0 or remove them entirely from production devices to reduce the risk of exploitation.
The CERT/CC has recommended this solution, citing the severity of the vulnerability and the potential consequences for network security. They also acknowledge the efforts of the reporter Noam Rathaus from SSD Disclosure who discovered the vulnerability.
Furthermore, Wi-Fi Alliance has made fixes in input sanitization to protect against command injection in the Wi-Fi Test Suite/wfa_dut project, which are currently available to Wi-Fi Alliance members. However, it is still unclear whether these updates will be reflected in the open-source repository by 2024-06-30.
In addition to this vulnerability, there have been reports of other security issues affecting Arcadyan routers that use the affected codebase. The Arcadyan FMIMG51AX000J router has an unknown status regarding this vulnerability, and it is unclear whether the vendor has taken any measures to address it.
Overall, the discovery of this critical vulnerability in the Wi-Fi Test Suite highlights the importance of thorough testing and security review before deploying new software or codebases in production environments. It also underscores the need for vendors to prioritize network security and take immediate action to patch vulnerabilities and protect their customers' networks.
Related Information:
https://thehackernews.com/2024/10/researchers-discover-command-injection.html
https://nvd.nist.gov/vuln/detail/CVE-2024-41992
https://www.cvedetails.com/cve/CVE-2024-41992/
Published: Sat Oct 26 12:25:45 2024 by llama3.2 3B Q4_K_M
