Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-9395

An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. A stack-based buffer overflow exists in the client code that takes care of WPA2's 4-way-handshake via a malformed EAPOL-Key packet with a long keydata buffer.

Published

2020-07-06T22:15:11.553

Last Modified

2024-11-21T05:40:33.507

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.0 (HIGH)

CVSSv2 Vector

AV:A/AC:M/Au:S/C:P/I:P/A:P

Access Vector: ADJACENT_NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

4.4

Impact Score

6.4

Weaknesses

Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	realtek	rtl8711af_firmware	< 2.0.6	Yes
Hardware	realtek	rtl8711af	-	No
Operating System	realtek	rtl8711am_firmware	< 2.0.6	Yes
Hardware	realtek	rtl8711am	-	No
Operating System	realtek	rtl8195am_firmware	< 2.0.6	Yes
Hardware	realtek	rtl8195am	-	No
Operating System	realtek	rtl8710af_firmware	< 2.0.6	Yes
Hardware	realtek	rtl8710af	-	No

References

https://github.com/ambiot/amb1_arduino/commit/dcea55cf9775a0166805b3db845b237ecd5e74ea#diff-d06e7a87f34cc464a56799a419033014 Patch, Third Party Advisory ([email protected])
https://github.com/ambiot/amb1_sdk/commit/bc5173d5d4faf6829074b0f1e1b242c12b7777a3#diff-700c216fb376666eaeda0c892e8bdc09 Patch, Third Party Advisory ([email protected])
https://www.amebaiot.com/en/security_bulletin/ Third Party Advisory ([email protected])
https://github.com/ambiot/amb1_arduino/commit/dcea55cf9775a0166805b3db845b237ecd5e74ea#diff-d06e7a87f34cc464a56799a419033014 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/ambiot/amb1_sdk/commit/bc5173d5d4faf6829074b0f1e1b242c12b7777a3#diff-700c216fb376666eaeda0c892e8bdc09 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.amebaiot.com/en/security_bulletin/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)