CVE-2019-9495

🗓️ 17 Apr 2019 13:31:08Reported by certccType

The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. Weak passwords may be cracked

Reporter	Title	Published	Views	Family All 87
AlpineLinux	CVE-2019-9495	17 Apr 201913:31	–	alpinelinux
BDU FSTEC	The vulnerability of the EAP-PWD protocol for certifying wireless communication devices arises from the use of cryptographic algorithms that contain defects. This allows attackers to install and run applications or gain access to confidential data.	6 Jun 201900:00	–	bdu_fstec
Broadcom	BSA-2019-777	15 Apr 201900:00	–	broadcom
Circl	CVE-2019-9495	17 Jan 202207:22	–	circl
CNVD	WPA encryption problem vulnerability	16 Apr 201900:00	–	cnvd
Cvelist	CVE-2019-9495 The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns	17 Apr 201913:31	–	cvelist
Debian	[SECURITY] [DLA 1867-1] wpa security update	31 Jul 201922:10	–	debian
Debian	[SECURITY] [DSA 4430-1] wpa security update	11 Apr 201906:12	–	debian
Debian CVE	CVE-2019-9495	17 Apr 201913:31	–	debiancve
Tenable Nessus	Debian DLA-1867-1 : wpa security update	12 Aug 201900:00	–	nessus

NVD

Node

w1.fi hostapdRange≤2.7

w1.fi wpa_supplicantRange≤2.7

Node

fedoraproject fedoraMatch28

fedoraproject fedoraMatch29

fedoraproject fedoraMatch30

Node

opensuse backports_sleMatch15.0-

opensuse backports_sleMatch15.0sp1

opensuse leapMatch15.1

Node

synology radius_serverMatch3.0

synology router_managerRange<1.2.3-8017

debian debian_linuxMatch8.0

Node

freebsd freebsdMatch11.2-

freebsd freebsdMatch11.2p2

freebsd freebsdMatch11.2p3

freebsd freebsdMatch11.2p4

freebsd freebsdMatch11.2p5

freebsd freebsdMatch11.2p6

freebsd freebsdMatch11.2p7

freebsd freebsdMatch11.2p8

freebsd freebsdMatch11.2p9

freebsd freebsdMatch11.2rc3

freebsd freebsdMatch12.0-

freebsd freebsdMatch12.0p1

freebsd freebsdMatch12.0p2

freebsd freebsdMatch12.0p3

[
  {
    "product": "hostapd with EAP-pwd support",
    "vendor": "Wi-Fi Alliance",
    "versions": [
      {
        "lessThanOrEqual": "2.7",
        "status": "affected",
        "version": "2.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "wpa_supplicant with EAP-pwd support",
    "vendor": "Wi-Fi Alliance",
    "versions": [
      {
        "lessThanOrEqual": "2.7",
        "status": "affected",
        "version": "2.7",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
lists	www.lists.debian.org/debian-lts-announce/2019/07/msg00030.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/
synology	www.synology.com/security/advisory/Synology_SA_19_16
lists	www.lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html
w1	www.w1.fi/security/2019-2/
seclists	www.seclists.org/bugtraq/2019/May/40
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/
security	www.security.freebsd.org/advisories/FreeBSD-SA-19:03.wpa.asc
packetstormsecurity	www.packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/

17 Jun 2026 02:43Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.13.7

CVSS 24.3

EPSS0.03449