NewStart CGSL MAIN 7.02 : wpa_supplicant Vulnerability (NS-SA-2025-0181)

The remote NewStart CGSL host, running version MAIN 7.02, has wpasupplicant packages installed that are affected by a vulnerability: - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the...

Linux Distros Unpatched Vulnerability : CVE-2023-52160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify t...

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass

wpasupplicant is vulnerable to authentication bypass due to its implementation of Protected Extensible Authentication Protocol PEAP. An attacker could exploit this in order to trick a victim into connecting to a malicious clone of an Enterprise WiFi network and subsequently intercept their traffi...

EulerOS 2.0 SP8 : wpa_supplicant (EulerOS-SA-2024-2495)

According to the versions of the wpasupplicant package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be...

CentOS 9 : wpa_supplicant-2.10-5.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the wpasupplicant-2.10-5.el9 build changelog. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be...

SUSE SLES15 Security Update : wpa_supplicant (SUSE-SU-2024:0819-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0819-1 advisory. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be...

MGASA-2024-0053 Updated wpa_supplicant packages fix security vulnerabilities

The updated packages fix a security vulnerability: The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt...

Updated wpa_supplicant packages fix security vulnerabilities

The updated packages fix a security vulnerability: The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt...

Amazon Linux 2 : wpa_supplicant (ALAS-2024-2480)

The version of wpasupplicant installed on the remote host is prior to 2.6-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2480 advisory. wpasupplicant: potential authorization bypass CVE-2023-52160 Tenable has extracted the preceding description block directly fr...

Debian dla-3743 : hostapd - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3743 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3743-1 [email protected] https://www.debian.org/lts/security/...

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

Authentication flaw

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

PT-2023-8665 · Google +6 · Android +7

Name of the Vulnerable Software and Affected Versions: wpa supplicant versions through 2.10 Description: The issue is related to the implementation of PEAP in wpa supplicant, which allows authentication bypass. For a successful attack, wpa supplicant must be configured to not verify the network's...