CVE-2019-9495
moderate-risk
Published 2019-04-17
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
Do I need to act?
~
6.9% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.7/10
Low
NETWORK
/ HIGH complexity
Affected Products (20)
References (20)
Third Party Advisory
http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA...
Mailing List
https://seclists.org/bugtraq/2019/May/40
Third Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc
Third Party Advisory
https://www.synology.com/security/advisory/Synology_SA_19_16
Third Party Advisory
http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA...
Mailing List
https://seclists.org/bugtraq/2019/May/40
Third Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc
Third Party Advisory
https://www.synology.com/security/advisory/Synology_SA_19_16
43
/ 100
moderate-risk
Severity
13/34 · Low
Exploitability
9/34 · Low
Exposure
21/34 · High