Vulnerability Description
An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arris | Tg852G Firmware | - |
| Arris | Tg852G | - |
| Arris | Tg862G Firmware | - |
| Arris | Tg862G | - |
| Arris | Tg1672G Firmware | - |
| Arris | Tg1672G | - |
Related Weaknesses (CWE)
References
- https://github.com/actuator/cve/blob/main/Arris/CVE-2023-40039Third Party Advisory
- https://i.ebayimg.com/images/g/-UcAAOSwDe1kyD-Z/s-l1600.pngProduct
- https://i.ebayimg.com/images/g/4P0AAOSwdhxkrZtt/s-l1600.jpgProduct
- https://github.com/actuator/cve/blob/main/Arris/CVE-2023-40039Third Party Advisory
- https://i.ebayimg.com/images/g/-UcAAOSwDe1kyD-Z/s-l1600.pngProduct
- https://i.ebayimg.com/images/g/4P0AAOSwdhxkrZtt/s-l1600.jpgProduct
FAQ
What is CVE-2023-40039?
CVE-2023-40039 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame.
How severe is CVE-2023-40039?
CVE-2023-40039 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-40039?
Check the references section above for vendor advisories and patch information. Affected products include: Arris Tg852G Firmware, Arris Tg852G, Arris Tg862G Firmware, Arris Tg862G, Arris Tg1672G Firmware.