CVE-2023-52160

CVE-2023-52160

Name

CVE-2023-52160

Description

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
cve@mitre.org	https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c
cve@mitre.org	https://www.top10vpn.com/research/wifi-vulnerabilities/
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N46C4DTVUWK336OYDA4LGALSC5VVPTCC/
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2024/02/msg00013.html
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QU6IR4KV3ZXJZLK2BY7HAHGZNCP7FPNI/

Type

URI

cve@mitre.org

https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c

cve@mitre.org

https://www.top10vpn.com/research/wifi-vulnerabilities/

cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N46C4DTVUWK336OYDA4LGALSC5VVPTCC/

cve@mitre.org

https://lists.debian.org/debian-lts-announce/2024/02/msg00013.html

cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QU6IR4KV3ZXJZLK2BY7HAHGZNCP7FPNI/

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:w1.fi:wpa_supplicant::::::::`	wpa_supplicant	>= None	< 2.10
`cpe:2.3:o:debian:debian_linux:10.0:::::::*`	debian_linux	== None	== 10.0
`cpe:2.3:o:fedoraproject:fedora:38:::::::*`	fedora	== None	== 38
`cpe:2.3:o:fedoraproject:fedora:39:::::::*`	fedora	== None	== 39
`cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*`	enterprise_linux	== None	== 8.0
`cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*`	enterprise_linux	== None	== 9.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*

wpa_supplicant

>= None

< 2.10

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

debian_linux

== None

== 10.0

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

fedora

== None

== 38

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

fedora

== None

== 39

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

enterprise_linux

== None

== 8.0

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

enterprise_linux

== None

== 9.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
wpa_supplicant	edge-main	2.10-r11	Natanael Copa <ncopa@alpinelinux.org>	fixed
wpa_supplicant	3.19-main	2.10-r10	Natanael Copa <ncopa@alpinelinux.org>	fixed
wpa_supplicant	3.20-main	2.10-r11	Natanael Copa <ncopa@alpinelinux.org>	fixed
wpa_supplicant	3.21-main	2.10-r11	Natanael Copa <ncopa@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

wpa_supplicant

edge-main

2.10-r11

Natanael Copa <ncopa@alpinelinux.org>

fixed

wpa_supplicant

3.19-main