CVE-2025-30198 ECOVACS Vacuum and Base Station Hard-Coded WPA2-PSK

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...

wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it

A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key PTK-TK by...

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Wi-Fi component of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to enhance their privileges through a specially created application...