CVE-2018-14526 — MEDIUM (6.5)

Q: How severe is CVE-2018-14526?

CVE-2018-14526 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-14526?

Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Debian Debian Linux, W1.Fi Wpa Supplicant.

Vulnerability Description

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.

CVSS Score

6.5

MEDIUM

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Canonical	Ubuntu Linux	14.04
Debian	Debian Linux	8.0
W1.Fi	Wpa Supplicant	>= 2.0, <= 2.6

Related Weaknesses (CWE)

CWE-924

References

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00013.html
http://www.securitytracker.com/id/1041438Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:3107
https://cert-portal.siemens.com/productcert/pdf/ssa-344983.pdf
https://lists.debian.org/debian-lts-announce/2018/08/msg00009.htmlMailing ListThird Party Advisory
https://papers.mathyvanhoef.com/woot2018.pdfTechnical DescriptionThird Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:11.hostapd.ascMitigationPatchThird Party Advisory
https://usn.ubuntu.com/3745-1/Third Party Advisory
https://w1.fi/security/2018-1/unauthenticated-eapol-key-decryption.txtMitigationPatchVendor Advisory
https://www.us-cert.gov/ics/advisories/icsa-19-344-01
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00013.html
http://www.securitytracker.com/id/1041438Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:3107
https://cert-portal.siemens.com/productcert/pdf/ssa-344983.pdf
https://lists.debian.org/debian-lts-announce/2018/08/msg00009.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2018-14526?

CVE-2018-14526 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker w...

How severe is CVE-2018-14526?

CVE-2018-14526 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-14526?

Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Debian Debian Linux, W1.Fi Wpa Supplicant.