First published: Thu Feb 22 2024(Updated: )
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
W1.fi Wpa Supplicant | <2.10 | |
Any of | ||
Google Android | ||
Google Chrome OS | ||
Linux Linux kernel | ||
Debian Debian Linux | =10.0 | |
Fedoraproject Fedora | =39 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.