VYPR
Unrated severity · NVD Advisory · Published Dec 25, 2021 · Updated Aug 4, 2024

CVE-2021-37572

Description

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Missing authorization).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

MediaTek Wi-Fi chipsets mishandle IEEE 1905 protocol packets, allowing unauthenticated network-based attacks that can lead to denial of service or potential code execution.

Vulnerability

CVE-2021-37572 is a missing authorization vulnerability in MediaTek Wi-Fi chipsets (MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915) running software version 2.0.2. The issue lies in the handling of IEEE 1905 protocol packets: affected devices do not properly authenticate or authorize incoming management frames, allowing an attacker to trigger the vulnerable code path without valid credentials [1][2].

Exploitation

An attacker does not need authentication or physical access. Exploitation requires only network proximity to the target device (within Wi-Fi range). By sending a malformed or specially crafted IEEE 1905 packet, the attacker can trigger the vulnerability. No user interaction is required [1][2].

Impact

Successful exploitation can lead to denial of service (device crash or reboot) and potentially arbitrary code execution on the affected chipset. The attacker gains the ability to disrupt network services or compromise the device's operation; the exact privilege level depends on the chipset context but can result in full control of the Wi-Fi subsystem [1][2].

Mitigation

MediaTek has released patches included in the January 2022 Product Security Bulletin [1]. NETGEAR has published firmware updates for many of its affected products (e.g., EAX11v2, EX3700, WAC104, WAX202) as listed in their advisory [2]. Users should update to the latest firmware versions provided by their device vendor. If a fixed version is not yet available for a specific product, no workaround exists [2].

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
