Espressif: >> Esp-Idf >> 3.0.8 Security Vulnerabilities
The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point.
CVSS Score
8.1
EPSS Score
0.001
Published
2019-09-04
Page 2