CVE-2019-12588

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-12588

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-12588.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-12588

Published

2019-09-04T12:15:11.107Z

Modified

2026-02-11T11:43:41.848985Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The client 802.11 mac implementation in Espressif ESP8266NONOSSDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.

References

Affected packages

Git / github.com/esp8266/arduino

Affected ranges

Type: GIT
Repo: https://github.com/esp8266/arduino
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

8b899c12fb5044a6a51b92501bfcdf86a3d98dd8

Introduced

de3058fc43f8a3298f472dfbea2b79854c3a08aa

Last affected

8ae300d4760b422cef4ee15cbabfb39dcb469216

Affected versions

2.*

2.2.0

2.3.0

2.3.0-rc1

2.3.0-rc2

2.4.0

2.4.0-rc1

2.4.0-rc2

2.4.1

2.4.2

2.5.0

2.5.0-beta1

2.5.0-beta2

2.5.0-beta3

2.5.1

2.5.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-12588.json"