Security Advisory

CVE-2019-12587

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-04 11:31:48
Last updated 2024-08-04 23:24:38
Assigner mitre
State PUBLISHED

Description

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point.