Security CVE-2017-6956: TV Boxes Prone to Major Wifi Exploit (Broadcom) AP6330/AP6335


    Scores of TV boxes are vulnerable; preliminarily, I can think of most Rockchip TV boxes released in the last three years, for example any boxes utilizing the AP6330 and AP6335, a version of the chip used as the target in the proof of concept.

    https://googleprojectzero.blogspot.c...-fi_4.html?m=1

    https://arstechnica.com/security/201...ks-over-wi-fi/



    (post will be updated further)
    Rockchip WiFi knowledge reference:











    Last edited by Shomari; 06 April 2017, 14:04.

    #2
    Hmm... the title says TV boxes...
    But... if you read the comments... of the zero exploit...
    You need to have the MAC address of the targeted device... be on the same network as the target.
    So, only connecting to public hotspots might be dangerous.

    Like:
    If you take your TV box with you on vacation... connect it to a public hotspot (at risk)
    Or if you use your TV box as a hotspot (at risk)
    But on your own home network... behind a firewall/router? Doubtful.
    I think the main focus would be phones/tablets/laptops, as these are on public hotspots.

    I do wonder... can Android fix this using an APK? Or Android's recovery zip file?
    *Will check out the Raspberry forum, as the RasPi uses Broadcom.
    Will spoofing your MAC address be a good solution?

    Just thinking out loud



      #3
      You raise an understandable yet dangerous misconception. Simply avoiding public hotspots is not a workaround or protection for this vulnerability. That's a question that's been raised and answered in numerous places since the vulnerability was publicized.

      And nope, it can't be fixed with an APK; the flaw lies in the Broadcom Wi-Fi chipset firmware itself, and that firmware exists in our TV boxes in proprietary binary form.

      Spoofing the MAC won't help, unfortunately.



        #4
        This seems to indicate... it can be fixed using an OS update...
        Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point.
        NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior
