Virtual Event Today: Cloud & Data Security Summit - Join Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Broadcom Wi-Fi Chipset Flaw Allows Hackers to Disrupt Networks

The vulnerability was discovered in Asus routers, but all devices using the affected chipset are susceptible to attacks. 

Router vulnerabilities

A vulnerability that can be exploited to disrupt networks has been found in a Broadcom Wi-Fi chipset by researchers at application security company Black Duck.

The researchers discovered the security hole while testing an Asus router, but further analysis conducted in collaboration with the vendor revealed that the issue actually existed in Broadcom chipset software used by the router.

The vulnerability could pose a significant threat as it can be exploited by an unauthenticated attacker to disrupt network connectivity in organizations that use always-on wireless access.

Specifically, an attacker can use a single specially crafted Wi-Fi frame to disable a router’s 5 GHz network, and disconnect active clients and prevent them from reconnecting. 

The attack bypasses WPA2 and WPA3 protections, and it can be repeated indefinitely to cause prolonged network disruptions. However, the cybersecurity firm pointed out that Ethernet connections and the 2.4 GHz network are not affected by the attack.

Broadcom has been notified, and it told Black Duck that it has provided a patch to device manufacturers that use its chipset. 

Advertisement. Scroll to continue reading.

Asus has released firmware updates for its affected products, but it’s unclear which other vendors use the impacted chipset. Black Duck noted that the affected Broadcom chipset is widely used in enterprise, consumer, and embedded routers. 

The security firm has not made public any technical details to prevent malicious exploitation of the vulnerability. 

“This [attack] has the potential to open the door to evil twin attacks where the real access point is knocked offline and a rogue one with the same name and password replaces it,” warned James Maude, Field CTO at BeyondTrust. 

“While the risks of network traffic interception have decreased thanks to the widespread adoption of HTTPS encryption, there is still the risk of captive portals. When the user tries to restore their network connection they are presented with a captive phishing portal requesting their personal or corporate credentials leading to identity compromise,” Maude explained. 

Randolph Barr, CISO at Cequence Security, described a few possible attack scenarios involving this vulnerability.

“Based on what I’ve seen, problems like this don’t usually stay limited to ‘IT issues’. Most offices today use wireless connections more than traditional ones,” Barr said. “Imagine being on a Zoom escalation call with a customer and the network goes down.” 

“Even worse, imagine a board meeting where the CEO is discussing financial results, strategy, or an acquisition update, and the connection drops in the middle of the presentation. These times aren’t simply annoying; they can hurt your credibility, slow down decision-making, and make consumers, partners, and executives lose trust in you,” he added. 

Related: Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’

Related: Cisco Routers Hacked for Rootkit Deployment

Related: Unauthenticated RCE Flaw Patched in DrayTek Routers

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

N-able has appointed Russell Rosa as Chief Revenue Officer.

Stacy O'Mara has joined Armadin as Chief Policy Officer and Director of Global Government Affairs.

F5 has appointed Cathy Peterman as Chief People Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.