← Back

Esp8266 Nonos Sdk

esp8266_nonos_sdk

Vendor: Espressif • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-12638
1Espressif
3Esp Idf
Esp8266 Nonos SdkEsp8266 Rtos Sdk
Nov 21, 2024
Jul 23, 2020
N/A· v4
6.8 MEDIUM· v3
4.3 MEDIUM· v2
An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Broadcasting forged beacon frames forces a device to...Show more
An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encryption.Show less
CVE-2019-12586
1Espressif
3Arduino Esp32
Esp IdfEsp8266 Nonos Sdk
Nov 21, 2024
Sep 4, 2019
N/A· v4
6.5 MEDIUM· v3
3.3 LOW· v2
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio r...Show more
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.Show less
CVE-2019-12588
1Espressif
2Arduino Esp8266
Esp8266 Nonos Sdk
Nov 21, 2024
Sep 4, 2019
N/A· v4
6.5 MEDIUM· v3
3.3 LOW· v2
The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which all...Show more
The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.Show less
CVE-2019-12587
1Espressif
2Esp Idf
Esp8266 Nonos Sdk
Nov 21, 2024
Sep 4, 2019
N/A· v4
8.1 HIGH· v3
4.8 MEDIUM· v2
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication me...Show more
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point.Show less