CVE-2023-52161 — Vulnetix

CVE-2023-52161 PUBLISHED CVSS 7.5 HIGH

The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key.

EPSS 0.95% · 76.7th percentile

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.95%

76.7th percentile

Affected Products

Vendor	Product	Versions
intel	inet_wireless_daemon	0, 0, 0
intel	inet_wireless_daemon	0, 0
n/a	n/a	n/a, n/a

Timeline

Feb 16, 2024 PoC Published
Feb 17, 2024 PoC Published
Feb 19, 2024 PoC Published
Feb 21, 2024 PoC Published
Feb 21, 2024 PoC Published
Feb 22, 2024 CVE Published
Feb 22, 2024 PoC Published
Feb 23, 2024 EPSS Score
Feb 23, 2024 PoC Published
Feb 26, 2024 PoC Published
Mar 5, 2024 PoC Published
Mar 13, 2024 PoC Published

References

https://iwd.wiki.kernel.org/ url
https://www.top10vpn.com/research/wifi-vulnerabilities/ url
https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=6415420f1c92012f64063c131480ffcef58e60ca url
FEDORA-2024-fdce971b84 vendor-advisory
FEDORA-2024-38faa9a2a8 vendor-advisory
FEDORA-2024-4ef5edfb2a vendor-advisory
FEDORA-2024-58c59bfa4c vendor-advisory
FEDORA-2024-3fa713f2e0 vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FOQ6VEE3CPJAQLMMGMLCYDGWHVG7UCJI/ url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/ url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZTPXEPTMASG37NDGAQMH2OTM6OPIP5A/ url
https://lists.debian.org/debian-lts-announce/2024/02/msg00008.html url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TL2CFNWBL2E6AT2SIY2PR3IAWVCDYJZQ/ url
https://nvd.nist.gov/vuln/detail/CVE-2023-52161 advisory
https://iwd.wiki.kernel.org url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOQ6VEE3CPJAQLMMGMLCYDGWHVG7UCJI url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TL2CFNWBL2E6AT2SIY2PR3IAWVCDYJZQ url
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZTPXEPTMASG37NDGAQMH2OTM6OPIP5A url

…and 5 more

Open in Interactive Console →