CVE-2020-12638

Published
View on NVD ↗
CVSS v3
6.8
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
3
PROJECTS

Description

An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encryption.

espressif/esp-idf
espressif/esp-idf
Espressif IoT Development Framework. Official development framework for Espressif SoCs.
GitHubGitHub
18.2K
espressif/ESP8266_RTOS_SDK
espressif/ESP8266_RTOS_SDK
Latest ESP8266 SDK based on FreeRTOS, esp-idf style.
GitHubGitHub
3.55K
espressif/ESP8266_NONOS_SDK
espressif/ESP8266_NONOS_SDK
ESP8266 nonOS SDK
GitHubGitHub
970