Embedi reveals that ThreadX, a real-time operating system (RTOS) built by Express Logic, contains four memory corruption vulnerabilities, Marvell, an American chipmaker, uses ThreadX in its Avastar single Chip (SoC) for Wi-Fi systems, spreading it across many products. Hackers who successfully overcome the flaws in devices including Sony PlayStation 4, Microsoft Xbox One, Microsoft Surface, SteamLink, and Samsung chromebooks and smartphones will gain control of the devices.
Embedi found four memory corruption vulnerabilities on ThreadX, the most interesting of which is the Block Pool Overflow vulnerability, which can be triggered when scanning nearby available Wi-Fi networks, regardless of whether a device is connected to a Wi-Fi network, A scan is performed every 5 minutes.
The researchers point out that this means that no user interaction is required to trigger the vulnerability on GNU/ Linux-based operating systems, regardless of whether the device is connected or not, and you don’t need to know the name or password of the Wi-Fi network. Allows hackers to remotely attack a Samsung Chromebook from afar.
All the hacker has to do is send a malicious Wi-Fi packet to the device using the Marvell Avastar Wi-Fi chip, wait for the device to start the Wi-Fi scanning function every five minutes, then wait for the opportunity to execute the malware and take control of the device.
Embedi does not reveal whether Express Logic or Marvell have been told or whether the operator has been patched. The above article is from: Shengbofa constellation