Realtek rtl81xx SDK Wi-Fi Driver Privilege Escalation Vulnerability

A heap-based buffer overflow vulnerability has been identified in the Realtek rtl81xx SDK Wi-Fi driver, specifically within the rtwlanu component. This vulnerability allows local attackers to escalate privileges on affected systems. The issue arises from inadequate validation of user-supplied data lengths before copying them to a fixed-length heap-based buffer. Exploitation of this vulnerability could enable an attacker to execute arbitrary code with SYSTEM privileges. To exploit this vulnerability, an attacker must first have the ability to run low-privileged code on the target system.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing attackers to execute arbitrary code with SYSTEM rights.

Remediation

This vulnerability has been fixed in version 1030.44.1204.2024. Users are advised to update to this version.