CVE-2018-14526

Description

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.

References

Link	Tags
https://papers.mathyvanhoef.com/woot2018.pdf	third party advisory technical description
http://www.securitytracker.com/id/1041438	vdb entry third party advisory
https://w1.fi/security/2018-1/unauthenticated-eapol-key-decryption.txt	patch vendor advisory mitigation
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:11.hostapd.asc	mitigation third party advisory patch vendor advisory
https://access.redhat.com/errata/RHSA-2018:3107	vendor advisory
https://lists.debian.org/debian-lts-announce/2018/08/msg00009.html	third party advisory mailing list
https://usn.ubuntu.com/3745-1/	third party advisory vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00013.html	vendor advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-344983.pdf
https://www.us-cert.gov/ics/advisories/icsa-19-344-01

Frequently Asked Questions

What is the severity of CVE-2018-14526?: CVE-2018-14526 has been scored as a medium severity vulnerability.
How to fix CVE-2018-14526?: To fix CVE-2018-14526, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2018-14526 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2018-14526 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-924 – Improper Enforcement of Message Integrity During Transmission in a Communication Channel

References

Frequently Asked Questions