Maybe some of you already have this knowledge, but I think not all of you do. Vulnerabilities have been discovered in the Wifi module of ESP8266 and ESP32 devices. The vulnerabilities are reported as CVE-2019-12586, CVE-2019-12587, CVE-2019-12588. They affect authentication in Enterprise class...

Espressif's official announcement on the subject is here:

Home page
/
Forum
/
Smart Home
/
Smart Home IoT
/
ESP8266 and ESP32
/
Vulnerabilities in the WiFi chip, attack on the wifi network (Enterprise)

Vulnerabilities in the WiFi chip, attack on the wifi network (Enterprise)

dektom 399 1

Treść została przetłumaczona

Zobacz oryginalną wersję tematu

Reply | New topic

#1 18151036 04 Sep 2019 14:20

dektom dektom

Level 11

» |

Post #1
18151036 04 Sep 2019 14:20

Maybe some of you already have this knowledge, but I think not all of you do. Vulnerabilities have been discovered in the Wifi module of ESP8266 and ESP32 devices. The vulnerabilities are reported as CVE-2019-12586, CVE-2019-12587, CVE-2019-12588.
They affect authentication in Enterprise class networks (EAP-PEAP, EAP-TTLS or EAP-TLS), so rather few at home use

More vulnerabilities will probably come out over time.... and how to develop secure applications....

More info available on Github, among others.

https://matheus-garbelini.github.io/home/post/zero-pmk-installation/
https://github.com/Matheus-Garbelini/esp32_esp8266_attacks
ADVERTISEMENT
#2 18151045 04 Sep 2019 14:27

khoam khoam

Level 42

» | Helpful post? (0)

Post #2
18151045 04 Sep 2019 14:27

Espressif's official announcement on the subject is here:
https://www.espressif.com/en/news/Espressif_S...ry_Concerning_Fault_Injection_and_Secure_Boot
Create an account, log in and become active in a forum and ads will not appear. You will receive points by participating in discussions.
Join this discussion.

Install the application

Didn't find an answer? Ask Artificial Intelligence

*I agree to send the question to OpenAI, Anthropic PBC, Perplexity AI, Inc., Kagi Inc., Google LLC - owners of language models in order to prepare the best response. The companies may monitor and log information entered into the form.

*I agree to publicly display my question and answer. The question and answer will be publicly available to everyone. The process may take a few minutes. Upon completion, you will be redirected to the page with the answer.

Wait...(2min)

Reply | New topic

Report a violation of the law

Home page
/
Forum
/
Smart Home
/
Smart Home IoT
/
ESP8266 and ESP32
/
Vulnerabilities in the WiFi chip, attack on the wifi network (Enterprise)

Vulnerabilities in the WiFi chip, attack on the wifi network (Enterprise)

Didn't find an answer? Ask Artificial Intelligence