Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2023-52161

Published: 22/02/2024 Updated: 23/03/2024
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Inet Wireless Daemon

Vulnerability Summary

The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) prior to 2.14 allows malicious users to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

intel inet wireless daemon

Vendor Advisories

Debian CVElist Bug Report Logs: iwd: CVE-2023-52161
Debian Bug report logs - #1064062 iwd: CVE-2023-52161 Package: src:iwd; Maintainer for src:iwd is Jonas Smedegaard <dr@jonesdk>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Fri, 16 Feb 2024 15:18:02 UTC Severity: grave Tags: security, upstream Reply or subscribe to this bug Toggle useless messagesV ...

References

CWE-287https://iwd.wiki.kernel.org/https://www.top10vpn.com/research/wifi-vulnerabilities/https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=6415420f1c92012f64063c131480ffcef58e60cahttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZTPXEPTMASG37NDGAQMH2OTM6OPIP5A/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TL2CFNWBL2E6AT2SIY2PR3IAWVCDYJZQ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOQ6VEE3CPJAQLMMGMLCYDGWHVG7UCJI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064062https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook