Vulnerability Description
An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. A stack-based buffer overflow exists in the client code that takes care of WPA2's 4-way-handshake via a malformed EAPOL-Key packet with a long keydata buffer.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Realtek | Rtl8711Af Firmware | < 2.0.6 |
| Realtek | Rtl8711Af | - |
| Realtek | Rtl8711Am Firmware | < 2.0.6 |
| Realtek | Rtl8711Am | - |
| Realtek | Rtl8195Am Firmware | < 2.0.6 |
| Realtek | Rtl8195Am | - |
| Realtek | Rtl8710Af Firmware | < 2.0.6 |
| Realtek | Rtl8710Af | - |
Related Weaknesses (CWE)
References
- https://github.com/ambiot/amb1_arduino/commit/dcea55cf9775a0166805b3db845b237ecdPatchThird Party Advisory
- https://github.com/ambiot/amb1_sdk/commit/bc5173d5d4faf6829074b0f1e1b242c12b7777PatchThird Party Advisory
- https://www.amebaiot.com/en/security_bulletin/Third Party Advisory
- https://github.com/ambiot/amb1_arduino/commit/dcea55cf9775a0166805b3db845b237ecdPatchThird Party Advisory
- https://github.com/ambiot/amb1_sdk/commit/bc5173d5d4faf6829074b0f1e1b242c12b7777PatchThird Party Advisory
- https://www.amebaiot.com/en/security_bulletin/Third Party Advisory
FAQ
What is CVE-2020-9395?
CVE-2020-9395 is a vulnerability with a CVSS score of 8.0 (HIGH). An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. A stack-based buffer overflow exists in the client code that takes care of WPA2's 4-way-handshak...
How severe is CVE-2020-9395?
CVE-2020-9395 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9395?
Check the references section above for vendor advisories and patch information. Affected products include: Realtek Rtl8711Af Firmware, Realtek Rtl8711Af, Realtek Rtl8711Am Firmware, Realtek Rtl8711Am, Realtek Rtl8195Am Firmware.