Espressif Systems ESP8266 NONOS SDK 2.2.0

CPE Details

Espressif Systems ESP8266 NONOS SDK 2.2.0
espressif
esp8266_nonos_sdk
2.2.0
2020-03-06
17h24 +00:00
2020-03-06
17h24 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:espressif:esp8266_nonos_sdk:2.2.0:*:*:*:*:*:*:*

Informations

Vendor

espressif

Product

esp8266_nonos_sdk

Version

2.2.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-12638 2020-07-23 13h41 +00:00 An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encryption.
6.8
Medium
CVE-2019-12586 2019-09-04 18h00 +00:00 The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.
6.5
Medium
CVE-2019-12587 2019-09-04 09h31 +00:00 The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point.
8.1
High
CVE-2019-12588 2019-09-04 09h30 +00:00 The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.
6.5
Medium