Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk"
--> "... exists a vulnerability in all publicly available examples of the ASF codebase ..."
--> "... software is no longer supported and is rooted in IoT-centric code ..."
--> "... affected versions include MediaTek SDK versions 7.4.0.1 and earlier, as well as OpenWrt 19.07 and 21.02 ..."
--> "... patch for the vulnerability was released by MediaTek in March 2024 ..." wenn nötig ist der also bereits installiert ;)
VG
Bernd
[0] https://thehackernews.com/2024/09/critical-flaw-in-microchip-asf-exposes.htm...
rwth-security@lists.rwth-aachen.de