Outbreak Alert: Realtek SDK Attack

bmali · ‎03-21-2023

FortiRecon provides outside-in coverage for risks toward customers.   External Attack Surface Management helps customers to identify exposure to known and unknown enterprise assets and associated vulnerabilities across the enterprise.   The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc.
CVE ID	CVE-2014-8361
CVE Title	Realtek SDK miniigd AddPortMapping SOAP Action Command Injection Remote Code Execution Vulnerability
CVE Severity	Critical
ACI Reporting Coverage	4 Report (OSINT)
Additional References	2 Darknet mentions referencing the vulnerability. 2 article referencing possibly working exploit(s) for this vulnerability. 1 article referencing this CVE on the security blog. 196 mentions on social media for this vulnerability.
EASM Scanner	No

CVE ID	CVE-2021-35394
CVE Title	Realtek Jungle SDK command execution
CVE Severity	High
ACI Reporting Coverage	4 Reports (2 OSINT, 2 TECHINT)
Additional References	1 article referencing this CVE on security blog. 120 mentions on social media for this vulnerability.
EASM Scanner	No