CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-27301

A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "AES_UnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.5%

CVSS Severity

CVSS v3 Score 8.0

CVSS v2 Score 7.7

References

https://www.vdoo.com/blog/realtek-wifi-vulnerabilities-zero-day
https://www.vdoo.com/blog/realtek-wifi-vulnerabilities-zero-day

Products affected by CVE-2020-27301

Realtek » Rtl8195a » Version: N/A

cpe:2.3:h:realtek:rtl8195a:-
Realtek » Rtl8710c » Version: N/A

cpe:2.3:h:realtek:rtl8710c:-
Realtek » Rtl8195a Firmware » Version: N/A

cpe:2.3:o:realtek:rtl8195a_firmware:-
Realtek » Rtl8710c Firmware » Version: N/A

cpe:2.3:o:realtek:rtl8710c_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27301

Products

Pricing

Contact Us