Realtek USB FE/1GbE/2.5GbE/5GbE NIC Family - Buffer Overflow
Description
A buffer overflow in Realtek USB driver API allows an unauthenticated LAN attacker to cause a denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The Realtek USB driver for the FE/1GbE/2.5GbE/5GbE NIC family contains a buffer overflow vulnerability in its API function due to insufficient parameter length verification. Affected versions include Windows 10 (10.28 to 10.39), Windows 8 (8.49 to 8.60), and Windows 7 (7.42 to 7.53) [1]. The vulnerability is reachable when the driver processes specially crafted input from the network.
Exploitation
An unauthenticated attacker on the same local area network (LAN) can exploit this vulnerability without any privileges or user interaction. By sending a maliciously crafted request to the vulnerable API function, the attacker triggers a buffer overflow, leading to service disruption [1].
Impact
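Successful exploitation results in a denial of service (DoS) condition, impacting system availability. The CVSS vector (AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) indicates no impact on confidentiality or integrity, but a high impact on availability [1]. Note that AV:L in this vector denotes a local attack vector, whereas the description above refers to an attacker on the LAN.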
Mitigation
Realtek has released driver version v10.50 to address this vulnerability. Users should update to this version or later. No workarounds are documented in the available references [1]. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Realtek/USB FE/1GbE/2.5GbE/5GbE NIC Family, v5, Range: 7.42
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- [1] www.twcert.org.tw/tw/cp-132-6057-1cd0d-1.html (mitre, x_refsource_MISC)