CVE-2020-25853
N/A
N/A
Summary
The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, _rt_md5_hmac_veneer() or _rt_hmac_sha1_veneer(), resulting in a stack buffer over-read which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network's PSK.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Realtek RTL8195A Wi-Fi Module | Versions before 2020-04-21 (up to and excluding 2.08) | affected |
Weaknesses
- CWE-126: Stack buffer over-read (CWE-126)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.