CVE-2023-52160

Name
CVE-2023-52160
Description
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
cve@mitre.org https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c
cve@mitre.org https://www.top10vpn.com/research/wifi-vulnerabilities/
cve@mitre.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N46C4DTVUWK336OYDA4LGALSC5VVPTCC/
cve@mitre.org https://lists.debian.org/debian-lts-announce/2024/02/msg00013.html
cve@mitre.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QU6IR4KV3ZXJZLK2BY7HAHGZNCP7FPNI/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:* wpa_supplicant >= None < 2.10

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
wpa_supplicant edge-main 2.10-r11 Natanael Copa <ncopa@alpinelinux.org> fixed
wpa_supplicant 3.19-main 2.10-r10 Natanael Copa <ncopa@alpinelinux.org> fixed
wpa_supplicant 3.20-main 2.10-r11 Natanael Copa <ncopa@alpinelinux.org> fixed
wpa_supplicant 3.21-main 2.10-r11 Natanael Copa <ncopa@alpinelinux.org> fixed