Unmasking the Pixie Dust Vulnerability
A recent report by NetRise reveals alarming statistics about the Pixie Dust exploit, a vulnerability first disclosed in 2014 that remains a critical risk for networks today. The study finds that more than 80% of devices evaluated are still at risk, illustrating the challenges in the firmware supply chain and the inadequacies of vendor patching processes.
Background of the Vulnerability
The Pixie Dust vulnerability exploits weaknesses in the Wi-Fi Protected Setup (WPS) protocol, which is widely utilized in consumer and small-to-medium business (SMB) networking equipment. By taking advantage of weak cryptographic implementations, attackers can intercept communication and compute WPS PINs quickly (in just 1-2 seconds), enabling unauthorized access to the network.
Key Findings from NetRise's Research
NetRise's detailed analysis spans 24 devices from six manufacturers, including routers and access points, with some firmware versions dating back as far as 2017. Here are some notable findings from their report:
- Minimal Patching: Out of the devices studied, only 4 were successfully patched, which means a dismal 17% received any fixes for the vulnerability.
- Timing of Patches: The average latency between the discovery of the vulnerability and the application of a patch was a staggering 9.6 years. The earliest patch was delivered 9 years after the issue was identified.
- Ongoing Exposure: Despite being actively supported, 13 devices remain vulnerable with no updates; notably, 7 had reached their end-of-life without any security patches.
Implications for the Industry
Thomas Pace, CEO of NetRise, emphasized that the Pixie Dust case exemplifies broader issues within the firmware supply chain and vendor practices.