Dos vulnerability affects iphones , androids, even a car
Publicly available code allows hackers to disable wi-fi in a range of products
The iPhone 4 and a slew of older devices from Apple, Samsung, HTC, and other manufacturers are vulnerable to attacks that can make it impossible to send or receive data over Wi-Fi networks, a security researcher said
The only requirement to exploit the vulnerability is to have a wireless card that supports [the] raw inject of 802.11 frames," Andrés Blanco one of the researchers from Core Security who discovered the vulnerability
Proof-of-concept code published online makes it trivial for a moderately skilled hacker to disable older iPhones, HTC Droid Incredible 2s, Motorola Droid X2s, and at least two-dozen other devices, including Edge model cars manufactured by Ford.
The Denial-of-Service vulnerability stems from an input-validation error in the firmware of two wireless chips sold by Broadcom: the BCM4325 and the BCM4329. The US Computer Emergency Readiness Team has also issued an advisory warning of the vulnerability.
Publicly available code allows hackers to disable wi-fi in a range of products
The iPhone 4 and a slew of older devices from Apple, Samsung, HTC, and other manufacturers are vulnerable to attacks that can make it impossible to send or receive data over Wi-Fi networks, a security researcher said
The only requirement to exploit the vulnerability is to have a wireless card that supports [the] raw inject of 802.11 frames," Andrés Blanco one of the researchers from Core Security who discovered the vulnerability
Proof-of-concept code published online makes it trivial for a moderately skilled hacker to disable older iPhones, HTC Droid Incredible 2s, Motorola Droid X2s, and at least two-dozen other devices, including Edge model cars manufactured by Ford.
The Denial-of-Service vulnerability stems from an input-validation error in the firmware of two wireless chips sold by Broadcom: the BCM4325 and the BCM4329. The US Computer Emergency Readiness Team has also issued an advisory warning of the vulnerability.
The Core Security advisory said that Broadcom has released a firmware update that patches the "out-of-bounds read error condition" in the chips' firmware. Device manufacturers are making it available to end users on a case-by-case basis since many of the affected products are older and already out of service.
exploit makes it impossible for an affected device to send or receive data over Wi-Fi for as long as the DoS attack lasts. Once the malicious packets subside, the device will work normally
Other device functions are unaffected by the Wi-Fi service interruption. He said it's possible the bug could be exploited to do more serious things.
Post a Comment
Thank you for visiting Afridi's Technoworld