CVE-2020-25857
N/A
N/A
Summary
The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network's PSK.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Realtek RTL8195A Wi-Fi Module | Versions before 2020-04-21 (up to and excluding 2.08) | affected |
Weaknesses
- CWE-121: Stack buffer overflow (CWE-121)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.