Skip to main content

Esp8266 Nonos Sdk

4 CVEs product

Monthly

CVE-2020-12638 MEDIUM POC This Month

An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Esp Idf Esp8266 Nonos Sdk Esp8266 Rtos Sdk
NVD GitHub
CVSS 3.1
6.8
EPSS
0.5%
CVE-2019-12586 MEDIUM POC This Month

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Arduino Esp32 Esp Idf Esp8266 Nonos Sdk
NVD GitHub
CVSS 3.0
6.5
EPSS
1.4%
CVE-2019-12588 MEDIUM POC This Month

The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Arduino Esp8266 Esp8266 Nonos Sdk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2019-12587 HIGH POC PATCH This Week

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Esp Idf Esp8266 Nonos Sdk
NVD GitHub
CVSS 3.0
8.1
EPSS
0.8%
EPSS 0% CVSS 6.8
MEDIUM POC This Month

An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Esp Idf Esp8266 Nonos Sdk +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Arduino Esp32 Esp Idf +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Arduino Esp8266 Esp8266 Nonos Sdk
NVD GitHub
EPSS 1% CVSS 8.1
HIGH POC PATCH This Week

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Esp Idf Esp8266 Nonos Sdk
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy