You see this notification pop up:
"Update for Smart Home Device Security Issue
Home Network Security has identified an affected TRENDnet device in your network and blocks attacks that exploit this vulnerability."
Why did this happen?
Home Network Security alerted you of multiple severe vulnerabilities in three software development kits (SDKs) supplied by Realtek and used by at least 65 vendors of IoT devices.
There have been reports that threat actors made multiple attempts to attack these vulnerabilities just days after being discovered.
What is the issue?
There are multiple flaws that affect many popular devices such as travel routers, WiFi repeaters, IP cameras, or even connected toys from multiple manufacturers such as Buffalo, ASUS, Belkin, D-Link, LG, Logitech, and Realtek’s own router lineup.
What are its risks?
These vulnerabilities can be abused by attackers to fully compromise the target device and execute arbitrary code with the highest level of privilege.
What should I do next?
Realtek has released updated SDKs to address the problem, but it is still the responsibility of IoT vendors to release bug fixes and patches to affected devices.
- Check for available updates to specific device models using websites provided by the service provider or device manufacturer.
- Make sure that Trend Micro Home Network Security is actively protecting your home network. Guide me.
- Use a more secure user name and password for all your IOT devices:
- Use a unique user name.
- Avoid using words found in the dictionary.
- Use a password with at least eight characters.
- Use a combination of uppercase and lowercase letters.
- Use a combination of letters, numbers, and symbols.
- Enable multi-factor authentication (if available) on all your network devices.
- Make sure your devices are receiving security patches automatically.
To see the list of all affected devices, visit the link below:
Advisory: Multiple Issues in Realtek SDK