Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability

by pjf on 9/20/2024, 9:28 PM with 103 comments

by Namidairo on 9/21/2024, 2:32 AM

Not too surprising given what I've seen of their vendor SDK driver source code, compared to mt76. (Messy would be a kind assessment.)

Unfortunately, there are also some running aftermarket firmware builds with the vendor driver, due to it having an edge in throughput over mt76.

Mediatek and their WiSoC division luckily have a few engineers that are enthusiastic about engaging with the FOSS community, while also maintaining their own little OpenWrt fork running mt76.[1]

[1] https://git01.mediatek.com/plugins/gitiles/openwrt/feeds/mtk...

by qhwudbebd on 9/21/2024, 10:30 AM

The wording of the headline is a bit misleading here. I followed the link thinking it might be a firmware or silicon bug as I have a couple of routers at home with mt76 wifi, but was relieved to find it's just a bug in the vendor's 'sdk' shovelware. I'm baffled that anyone even thought about using that, given there's such good mt76 support from mainline kernels with hostapd.

by Retr0id on 9/21/2024, 1:08 PM

Is there some logic to MediaTek's naming conventions, or are all their devices just MTxxxx where x is some incremented/random number?

I have a device with a mt6631 wifi chip and I'd assume it's unaffected just because it's not mentioned as affected anywhere, but it's hard to tell where it might fit into the lineup.

by kam on 9/21/2024, 3:05 AM

They say that OpenWrt 19.07 and 21.02 are affected, but as far as I can tell, official builds of OpenWrt only use the mt76 driver and not the Mediatek SDK.

by RedShift1 on 9/21/2024, 6:09 AM

I've been buying laptops with AMD CPUs, but they always come with these trash MediaTek RZ616 Wi-Fi cards. Why is that? I've been replacing them with Intel Wi-Fi cards, and now I have a pile of RZ616 cards ready to become future microplastics :-(

by usr1106 on 9/21/2024, 5:09 AM

IIRC my phone uses a MediaTek chipset. And I vaguely remember the vendor has moved away from MediaTek since because of the ahem quality of those products...

No idea how WiFi is done on a phone though. Is there a way to find out whether the phone is affected? I hardly ever use WiFi because I have unlimited cellular data and good coverage, but would still be good to know.

by 1oooqooq on 9/21/2024, 2:56 AM

I still cannot fathom why, in this day and age where people buy any silicon that's available, these C-tier vendors don't adopt the PC strategy and completely open their firmware to the open source community.

by eqvinox on 9/21/2024, 1:39 PM

> The affected versions include MediaTek SDK versions 7.4.0.1 and earlier, as well as OpenWrt 19.07 and 21.02.

> The vulnerability resides in wappd, a network daemon included in the MediaTek MT7622/MT7915 SDK and RTxxxx SoftAP driver bundle.

OpenWRT doesn't seem to use wappd though?

by anthk on 9/21/2024, 6:40 PM

That's why we need free firmware. I'm tired of Broadcom and Ralink.

by shadowpho on 9/21/2024, 1:19 AM

This exploit is hard to distinguish from a back door.

by justmarc on 9/21/2024, 11:46 AM

Welcome back to the 90s.

by mmsc on 9/21/2024, 6:12 AM

Can the OP's link be changed to the original source, not the advertisement it currently links to? The exploit is documented at https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-20...

by q3k on 9/21/2024, 11:10 AM

[flagged]

by xtanx on 9/21/2024, 7:14 AM

I would like to remind people of the 2016 Adups backdoor:

> According to Kryptowire, Adups engineers would have been able to collect data such as SMS messages, call logs, contact lists, geo-location data, IMSI and IMEI identifiers, and would have been able to forcibly install other apps or execute root commands on all devices.

https://www.bleepingcomputer.com/news/security/android-adups...