CVE-2019-5062
HIGH
7,4
Source: [email protected]
Attack Vector: adjacent_network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: changed
Confidentiality: none
Integrity: none
Availability: high
LOW
3,3
Source: [email protected]
Access Vector: adjacent_network
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial
Description
AI Translation Available
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0009
Percentile
0,3th
Updated
EPSS Score Trend (Last 90 Days)
346
Origin Validation Error
DraftCommon Consequences
Security Scopes Affected:
Other
Access Control
Potential Impacts:
Gain Privileges Or Assume Identity
Varies By Context
Applicable Platforms
Technologies:
Not Technology-Specific, Web Based
440
Expected Behavior Violation
DraftCommon Consequences
Security Scopes Affected:
Other
Potential Impacts:
Quality Degradation
Varies By Context
Applicable Platforms
Technologies:
ICS/OT
Application
Hostapd by W1.Fi
CPE Identifier
View Detailed Analysis
cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850