A wireless device exploit uncovered 11 years ago still hasn't been fixed by some manufacturers — six vendors and 24 devices found harbouring vulnerable firmware across routers, range extenders, and more

Despite being disclosed in 2014, the Pixie Dust exploit remains unpatched in wireless devices from six vendors, affecting 24 devices like routers and range extenders. This exploit allows attackers to obtain a router's PIN and connect to a network without the password. NetRise found that only four of the 24 vulnerable devices were patched, with fixes arriving an average of 9.6 years after the exploit was made public. The issue highlights systemic problems in firmware supply chains and the need for consistent visibility into firmware to address old vulnerabilities.