CVE-2018-14526Improper Enforcement of Message Integrity During Transmission in a Communication Channel in WPA Supplicant

CWE-924Improper Enforcement of Message Integrity During Transmission in a Communication ChannelCWE-200Sensitive Information Exposure10 documents9 sources
Severity
6.5MEDIUMNVD
EPSS
1.1%
top 22.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
W1.fi WPA SupplicantCanonical Ubuntu LinuxDebian Linux
Timeline
PublishedAug 8
Latest updateMay 13

Description

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

NVDw1.fi/wpa_supplicant2.02.6

Also affects: Debian Linux 8.0, Ubuntu Linux 14.04, 16.04, 18.04

Patches

Patch: security.freebsd.orgPatch: w1.fiPatch: security.freebsd.org

🔴Vulnerability Details

3
GHSA
GHSA-p89p-gprq-frv8: An issue was discovered in rsn_supp/wpa2022-05-13
OSV
CVE-2018-14526: An issue was discovered in rsn_supp/wpa2018-08-08
CVEList
CVE-2018-14526: An issue was discovered in rsn_supp/wpa2018-08-08

📋Vendor Advisories

4
Ubuntu
wpa_supplicant and hostapd vulnerability2018-08-20
BSD
FreeBSD-SA-18:11.hostapd: Unauthenticated EAPOL-Key Decryption Vulnerability2018-08-14
Red Hat
wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant2018-08-08
Debian
CVE-2018-14526: wpa - An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Und...2018

💬Community

2
Bugzilla
CVE-2018-14526 wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant [fedora-all]2018-08-10
Bugzilla
CVE-2018-14526 wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant2018-08-09
CVE-2018-14526 — W1.fi WPA Supplicant vulnerability | cvebase