A serious security flaw has been discovered in the Marvell 88W8897A Wi-Fi chip, which is included in a number of mainstream devices.
Security firm Embedi discovered a number of vulnerabilities in the chip’s firmware, and drew attention to the most serious flaw which allows devices to be compromised without any interaction from the owner.
“This vulnerability can be triggered without user interaction during the scanning for available networks,” Embedi stated.
“This procedure is launched every 5 minutes regardless of a device being connected to some Wi-Fi network or not.”
This vulnerability essentially allows hackers to compromise a device just after it has been turned on, without the owner realising they have been targeted.
The affected Marvell chip is implemented in various devices, including Samsung Chromebooks, Microsoft Surface laptops, Valve’s Steam Link, and PlayStation 4 and Xbox One consoles.