What is the severity of CVE-2020-9395?

CVE-2020-9395 has a severity level of high.

Is my Realtek device vulnerable to CVE-2020-9395?

Realtek devices running firmware versions up to 2.0.6 are vulnerable to CVE-2020-9395.

How can I fix CVE-2020-9395 vulnerability on my Realtek device?

To fix CVE-2020-9395, you need to update your Realtek device firmware to version 2.0.6 or higher.

Vulnerability/
CVE-2020-9395

high

CWE

787 119

6/7/2020

4/8/2024

CVE-2020-9395: Buffer Overflow

Q: What is CVE-2020-9395?

CVE-2020-9395 is a vulnerability discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before version 2.0.6.

Q: How does CVE-2020-9395 affect Realtek devices?

CVE-2020-9395 affects Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before version 2.0.6.

First published: Mon Jul 06 2020(Updated: )

An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. A stack-based buffer overflow exists in the client code that takes care of WPA2's 4-way-handshake via a malformed EAPOL-Key packet with a long keydata buffer.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Realtek Rtl8711af Firmware	<2.0.6
Realtek Rtl8711af
Realtek Rtl8711am Firmware	<2.0.6
Realtek Rtl8711am
Realtek Rtl8195am Firmware	<2.0.6
Realtek RTL8195AM
Realtek Rtl8710af Firmware	<2.0.6
Realtek Rtl8710af

Remedy

https://github.com/ambiot/amb1_arduino/commit/dcea55cf9775a0166805b3db845b237ecd5e74ea#diff-d06e7a87f34cc464a56799a419033014

Remedy

https://github.com/ambiot/amb1_sdk/commit/bc5173d5d4faf6829074b0f1e1b242c12b7777a3#diff-700c216fb376666eaeda0c892e8bdc09

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2020-9395?
CVE-2020-9395 is a vulnerability discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before version 2.0.6.
What is the severity of CVE-2020-9395?
CVE-2020-9395 has a severity level of high.
How does CVE-2020-9395 affect Realtek devices?
CVE-2020-9395 affects Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before version 2.0.6.
Is my Realtek device vulnerable to CVE-2020-9395?
Realtek devices running firmware versions up to 2.0.6 are vulnerable to CVE-2020-9395.
How can I fix CVE-2020-9395 vulnerability on my Realtek device?
To fix CVE-2020-9395, you need to update your Realtek device firmware to version 2.0.6 or higher.

collector/nvd-index
agent/references
agent/weakness
agent/severity
agent/author
agent/event
agent/type
agent/description
agent/remedy
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/realtek
canonical/realtek rtl8711af firmware
canonical/realtek rtl8711af
canonical/realtek rtl8711am firmware
canonical/realtek rtl8711am
canonical/realtek rtl8195am firmware
canonical/realtek rtl8195am
canonical/realtek rtl8710af firmware
canonical/realtek rtl8710af

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.