CVE-2019-12586

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
3.3
LOW
Affected
1
PROJECT

Description

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.

Matheus-Garbelini/esp32_esp8266_attacks
Matheus-Garbelini/esp32_esp8266_attacks
Proof of Concept of ESP32/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)
GitHubGitHub
817