CVE-2023-52160
moderate-risk
Published 2024-02-22
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.
Do I need to act?
4.2% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 6.5/10 · Medium
NETWORK / LOW complexity
Affected Products (6)
Affected Vendors
References (12)
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...
Third Party Advisory
https://www.top10vpn.com/research/wifi-vulnerabilities/
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...
44 / 100 · moderate-risk
Severity
24/34 · High
Exploitability
7/34 · Low
Exposure
13/34 · Low