Impact
The rtl8192cd Wi‑Fi kernel driver for Realtek’s rtl819x Jungle SDK contains two debug ioctl handlers, write_mem (0x89F5) and read_mem (0x89F6), that are always compiled into production builds because the _IOCTL_DEBUG_CMD_ macro is unconditionally defined. These handlers perform no access‑control checks, allowing any user who can open the driver’s device file to read or write arbitrary kernel memory. By manipulating kernel memory, an attacker could inject malicious code or modify critical data, resulting in local privilege escalation or system instability.
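The access-control gap described above, shown as a user-space C model of the dispatch pattern next to a hardened form. This is an added example, not Realtek's driver code: the `mem_req` layout, the `fake_kmem` buffer, the function names and the `caller_is_admin` / `debug_build` parameters are assumptions made for illustration; only the command numbers and handler names come from the advisory.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define IOCTL_WRITE_MEM 0x89F5u /* write_mem, number from the advisory */
#define IOCTL_READ_MEM  0x89F6u /* read_mem, number from the advisory */

static uint8_t fake_kmem[64];   /* constructed stand-in for kernel memory */

/* Hypothetical request layout; the real driver's argument format is not modelled. */
struct mem_req { uint32_t off, len; uint8_t data[16]; };

/* Shared copy helper, bounded to the fake buffer so the model itself is safe. */
static int do_mem(unsigned cmd, struct mem_req *r)
{
    if (r->len > sizeof r->data || r->off > sizeof fake_kmem - r->len)
        return -EINVAL;
    if (cmd == IOCTL_WRITE_MEM)
        memcpy(fake_kmem + r->off, r->data, r->len);
    else
        memcpy(r->data, fake_kmem + r->off, r->len);
    return 0;
}

/* Flawed shape: debug commands are always dispatched and the caller is never checked. */
int ioctl_vulnerable(unsigned cmd, struct mem_req *r, bool caller_is_admin)
{
    (void)caller_is_admin;      /* privilege is never consulted */
    if (cmd == IOCTL_WRITE_MEM || cmd == IOCTL_READ_MEM)
        return do_mem(cmd, r);
    return -ENOTTY;
}

/* Hardened shape: debug_build models a compile-time guard that is off in
 * production; when debug is on, the caller must still be privileged. */
int ioctl_hardened(unsigned cmd, struct mem_req *r, bool caller_is_admin, bool debug_build)
{
    if (cmd != IOCTL_WRITE_MEM && cmd != IOCTL_READ_MEM)
        return -ENOTTY;
    if (!debug_build)
        return -ENOTTY;         /* production build: the commands do not exist */
    if (!caller_is_admin)
        return -EPERM;          /* in-kernel equivalent: capable(CAP_SYS_ADMIN) */
    return do_mem(cmd, r);
}
```

In a real driver the `debug_build` test would be a preprocessor guard around the handlers, so the code is absent from release binaries rather than refused at run time.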
Affected Systems
This weakness applies to all Realtek RTL8192CD Wi‑Fi driver versions shipped in the rtl819x Jungle SDK up through firmware v3.4.14B. The driver is commonly found in consumer routers, embedded devices, and NICs that use the RTL8192CD chipset. While the operating system is not explicitly specified, any Linux kernel that loads the driver is potentially affected.
Risk and Exploitability
The CVSS score is not disclosed, but the lack of access control on privileged kernel operations is a high‑severity flaw. The EPSS score is unavailable and the vulnerability is not listed in CISA’s KEV catalog, indicating limited known exploitation. Nevertheless, because the flaw is local and can be triggered by any user with access to the driver’s device node, the likelihood of exploitation is significant in environments where the device node permissions are lax. The attack vector is inferred to be local, requiring only driver access; no network or remote entry is described.