CVE-2019-9497 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-9497 PUBLISHED

The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.

EPSS 9.11% · 92.6th percentile

Risk Scores

EPSS Score

9.11%

92.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	wpa	0, 1.0-3ubuntu2, 1.0-3ubuntu3
Ubuntu:18.04:LTS	wpa	2:2.6-15ubuntu2.1, 0, 2.4-0ubuntu10
Ubuntu:16.04:LTS	wpa	2.4-0ubuntu6.3, 0, 2.4-0ubuntu3

Timeline

CVE Published
May 5, 2020 PoC Published
Apr 14, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Oct 17, 2024 EPSS Score
Mar 17, 2025 EPSS Score
Mar 24, 2025 EPSS Score
Mar 25, 2025 EPSS Score
Mar 29, 2025 EPSS Score
Mar 30, 2025 EPSS Score

References

https://ubuntu.com/security/CVE-2019-9497 third-party-advisory
https://w1.fi/security/2019-4/ third-party-advisory
https://ubuntu.com/security/notices/USN-3944-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2019-9497 third-party-advisory

Open in Interactive Console →