EUVD-2018-1235

Malware in sbrugna...

Broadcom Wi-Fi Devices - 'KR00K Information Disclosure

Kr00ker Experimetal KR00K PoC in python3 using scapy Description: This script is a simple experiment to exploit the KR00K vulnerability CVE-2019-15126, that allows to decrypt some WPA2 CCMP data in vulnerable devices. More specifically this script attempts to retrieve Plaintext Data of WPA2 CCMP...

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

Cybersecurity researchers today uncovered a new high-severity hardware vulnerability residing in the widely-used Wi-Fi chips manufactured by Broadcom and Cypress—apparently powering over a billion devices, including smartphones, tablets, laptops, routers, and IoT gadgets. Dubbed 'Kr00k' and track...

Siemens SCALANCE W700 and W1700

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: SCALANCE W700 and W1700 Vulnerability: Improper Enforcement of Message Integrity During Transmission in a Communication Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could...

CVE-2018-0412

A vulnerability in the implementation of Extensible Authentication Protocol over LAN EAPOL functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent attacker to force the downgrade of...

Input validation

A vulnerability in the implementation of Extensible Authentication Protocol over LAN EAPOL functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent attacker to force the downgrade of...

CVE-2018-0412

A vulnerability in the implementation of Extensible Authentication Protocol over LAN EAPOL functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent attacker to force the downgrade of...

CVE-2018-0412

The CVE-2018-0412 issue affects Cisco Small Business 100 Series and 300 Series Wireless Access Points, where improper processing of EAPOL messages during the Wi‑Fi handshake allows an unauthenticated adjacent attacker to downgrade the cipher from AES‑CCMP to WPA‑TKIP. This cryptographic downgrade...

Cisco Small Business 100 Series and 300 Series Wireless Access Points Encryption Algorithm Downgrade Vulnerability

A vulnerability in the implementation of Extensible Authentication Protocol over LAN EAPOL functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an unauthenticated, adjacent attacker to force the downgrade of...