A Wireless Device Exploit Uncovered 11 Years Ago Still Hasn't Been Fixed by Some Manufacturers

In a shocking revelation, NetRise has uncovered that several major manufacturers still have devices vulnerable to the Pixie Dust exploit, a known security flaw that was disclosed in 2014. Despite the manufacturers having had over a decade to address the issue, 24 devices from six vendors remain at risk, including routers, range extenders, access points, and hybrid Wi-Fi/powerline products.

The oldest vulnerable firmware in the set dates back to September 2017, nearly three years after the Pixie Dust exploit was first published. On average, vulnerable releases occurred 7.7 years after the exploit was disclosed. This raises serious concerns about the effectiveness of manufacturers' security patches and their willingness to prioritize customer safety over profit margins.

The Pixie Dust Exploit: A Simple yet Devastating Vulnerability

The Pixie Dust exploit allows an attacker to obtain a router's Wi-Fi Protected Setup (WPS) PIN and connect to the targeted wireless network without needing its password. To take advantage of this exploit, an attacker simply needs to be within range of the network they want to access, capture the initial WPS handshake between the network and a client device, and then crack the PIN offline.

Despite being well known among security experts, Pixie Dust has proven to be a persistent threat. Researchers have developed several open-source tools capable of exploiting Pixie Dust, including one highlighted by the security-focused Kali Linux distribution. The availability of these tools underscores the lack of urgency from manufacturers in addressing this known vulnerability.

The Neglect of Manufacturers: A Lack of Transparency and Accountability

NetRise's report found that only four devices were ever patched, with the patches arriving late and with little fanfare. In many cases, vendors described fixes vaguely in changelogs as "Fixed some security vulnerability," without acknowledging the specific exploit being addressed. This lack of transparency and accountability is staggering, particularly when considering that these manufacturers have assured customers that their products are still being supported.

The report also found that thirteen devices remain actively supported but unpatched, while another seven reached end-of-life without ever receiving fixes. Six manufacturers released products with known vulnerabilities and, in many cases, have neglected to update the relevant firmware even though their customers have been assured of continued support.

A Call for Action: Consistent Firmware Visibility is Key

NetRise's findings highlight a broader systemic issue in firmware supply chains. The Pixie Dust exploit is not an isolated incident, but rather a symptom of weak cryptography, poor entropy generation, and opaque vendor patch practices.

"The lesson is clear," said NetRise. "Without consistent visibility into firmware, organizations cannot assume that old exploits are gone." This calls for greater transparency from manufacturers and a more proactive approach to addressing known vulnerabilities.

Stay Safe: What You Can Do

While the situation may seem daunting, there are steps you can take to protect yourself. Keep your router's firmware up to date, use strong passwords, and be cautious when connecting to public Wi-Fi networks.

"The security of our digital lives depends on the actions we take," said Nathaniel Mott, a freelance news and features writer for Tom's Hardware US. "We need to demand more from our manufacturers and expect transparency in their patching practices."