Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistVDOOCVELIST:CVE-2020-25857
HistoryFeb 03, 2021 - 4:48 p.m.

CVE-2020-25857

2021-02-0316:48:59
CWE-121
VDOO
www.cve.org

0.002 Low

EPSS

Percentile

52.2%

JSON

The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network’s PSK.

CNA Affected

[
  {
    "product": "Realtek RTL8195A Wi-Fi Module",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Versions before 2020-04-21 (up to and excluding 2.08)"
      }
    ]
  }
]

Related

prion 1
cve 1
cnvd 1
nvd 1
prion
prion
Stack overflow
2021-02-03 17:15:00
cve
cve
CVE-2020-25857
2021-02-03 17:15:15
cnvd
cnvd
Realtek RTL8195A Buffer Overflow Vulnerability (CNVD-2021-56814)
2021-02-05 00:00:00
nvd
nvd
CVE-2020-25857
2021-02-03 17:15:15

0.002 Low

EPSS

Percentile

52.2%

JSON
Related for CVELIST:CVE-2020-25857
prion1cve1cnvd1nvd1