Exploit code for a security flaw in Broadcom Wireless drivers is in the public domain and could allow hackers to take control of PCs via a Wi-Fi connection, according to Symantec.
The company warned: “The exploit allows remote code execution, and the susceptible drivers are shipped with many new computers.”
The vulnerable Broadcom BCMWL5.SYS wireless device driver is shipped with new PCs from manufacturers including Hewlett-Packard, Dell, Gateway and eMachines.
Computers are vulnerable to attack if they have a susceptible Broadcom Wireless-N network card and run the Broadcom BCMWL5.SYS driver.
Symantec warned, “Unfortunately, due to the nature of wireless networking, all that is required of the attacker is to be within range of the vulnerable machine. Because this vulnerability occurs at an extremely low level within the networking protocol, there may be difficulties in detecting these attacks using standard IDS/IPS methods.”
The security firm urged users of vulnerable Broadcom drivers to update the drivers as soon as possible or avoid connecting to networks in insecure areas via the wireless card.
Comment on this article: [email protected]