
Synopsys Cybersecurity Researcher Uncovers Weakness in D-Link Router

One of Synopsys' cybersecurity researchers, Tuomo Untinen in Finland, has uncovered a vulnerability in D-Link DIR-850L routers that would allow hackers to join a router’s network without the required authentication credentials.

McGallen and Bolden, however, reported that D-Link subsequently patched the firmware, advising users to update their D-Link DIR-850L routers to the latest firmware.

Below is the description:

Overview

CVE-2018-18907 refers to an authentication vulnerability with D-Link DIR-850L routers that allows clients to communicate with the router without completing the full WPA handshake. Successful exploitation of this vulnerability allows an attacker to join the router’s network without the required credentials and mount further attacks against users of the network. D-Link DIR-850L routers with hardware revision A and firmware version 1.21B06 Beta and older are vulnerable to CVE-2018-18907. On Nov. 6, 2018, D-Link issued their official disclosure.

Impact

This vulnerability allows a user that has not authenticated to join the wireless network provided by the router. Once joined to that network, the user would have access to all services, computers, and devices available to any other user on that network. Unauthorized access to a network is often the first step in a broader attack.

Technical details

Following client and AP negotiation phases, it is possible to skip the four-way WPA handshake used to establish encryption parameters and validate ownership of the AP’s pre-shared key, and proceed directly to un-encrypted communications.
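A defender can watch for the behaviour described above from a monitor-mode capture: a station that associates and then exchanges data frames without a completed four-way handshake, or with the Protected Frame bit clear. The following is an added detection sketch, not code from Synopsys or D-Link; the frame records are constructed sample data and the field names (`kind`, `msg`, `protected`) are assumptions of this example.

```python
from collections import defaultdict

# Constructed frame summaries (not from a real capture) for one WPA2-PSK BSS.
# Field names are assumptions: "eapol" records carry the EAPOL-Key message
# number, "data" records carry the 802.11 Protected Frame bit.
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
FRAMES = [
    {"ts": 1.00, "sta": A, "kind": "assoc_ok"},
    {"ts": 1.01, "sta": A, "kind": "eapol", "msg": 1},
    {"ts": 1.02, "sta": A, "kind": "eapol", "msg": 2},
    {"ts": 1.03, "sta": A, "kind": "eapol", "msg": 3},
    {"ts": 1.04, "sta": A, "kind": "eapol", "msg": 4},
    {"ts": 1.10, "sta": A, "kind": "data", "protected": True},
    {"ts": 2.00, "sta": B, "kind": "assoc_ok"},
    {"ts": 2.10, "sta": B, "kind": "data", "protected": False},
    {"ts": 2.20, "sta": B, "kind": "data", "protected": False},
    {"ts": 3.00, "sta": C, "kind": "assoc_ok"},
    {"ts": 3.01, "sta": C, "kind": "eapol", "msg": 1},
    {"ts": 3.02, "sta": C, "kind": "eapol", "msg": 2},
    {"ts": 3.50, "sta": C, "kind": "deauth"},
]

HANDSHAKE = {1, 2, 3, 4}

def find_handshake_bypass(frames):
    """Return {station: [timestamps]} of data frames that were unprotected or
    preceded a complete four-way handshake for the current association."""
    eapol_seen = {}                      # associated station -> messages seen
    alerts = defaultdict(list)
    for f in sorted(frames, key=lambda f: f["ts"]):
        sta, kind = f["sta"], f["kind"]
        if kind == "assoc_ok":
            eapol_seen[sta] = set()      # new association, fresh handshake
        elif kind == "deauth":
            eapol_seen.pop(sta, None)
        elif sta not in eapol_seen:
            continue                     # association not observed; skip
        elif kind == "eapol":
            eapol_seen[sta].add(f["msg"])
        elif kind == "data":
            if eapol_seen[sta] != HANDSHAKE or not f["protected"]:
                alerts[sta].append(f["ts"])
    return dict(alerts)

if __name__ == "__main__":
    for sta, times in find_handshake_bypass(FRAMES).items():
        print(f"ALERT {sta}: {len(times)} data frame(s) without WPA protection at {times}")
```

Station A completes the handshake and is not flagged, station C fails the handshake and sends no data, and only station B, which goes straight from association to unprotected data, raises an alert.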

Patch location

D-Link published firmware version 1.21B07_i9d9_WW, updated on Nov. 6, 2018, which patches CVE-2018-18907. The DIR-850L routers were released with two hardware versions, A and B. Only the A hardware is affected by this disclosure. Users can verify their hardware version by looking at the product label on their router for the “H/W ver:” string. Affected users should update their D-Link DIR-850L routers to the latest firmware version available here, covered by these release notes.

Remediation

Users should update their D-Link DIR-850L routers to the latest firmware version available here. According to D-Link, if you are currently running firmware version 1.14 or lower, you must update your router to firmware versions 1.15B04 and 1.20B03 first before applying the security patch.

Product description

The D-Link DIR-850L AC1200 Wi-Fi Router is a consumer-grade wireless router used to provide access to the internet or a private home network. More information about the device is available at the vendor’s website. The DIR-850L was initially released in early 2013 and is designed for the consumer market. It is available in two hardware revisions, with only the A version being affected by this disclosure.

Discovery credit

Tuomo Untinen, a Synopsys engineer based in Oulu, Finland, discovered this vulnerability during development of additional Defensics SafeGuard checks.

Timeline

● Aug. 6, 2018: Synopsys discovers the issue.
● Aug. 7, 2018: The Synopsys research team contacts D-Link.
● Aug. 20, 2018: Synopsys contacts the National Cyber Security Centre Finland (NCSC-FI), part of the Finnish Communications Regulatory Authority.
● Sept. 20, 2018: Synopsys tests a vendor patch and confirms issue resolution to NCSC-FI.
● Nov. 6, 2018: D-Link publishes the firmware patch.
● Nov. 7, 2018: NCSC-FI publishes an advisory.
● Nov. 15, 2018: CyRC publishes this advisory. (D-Link via McGallen and Bolden)
