#VU23611 Expected behavior violation in hostapd - CVE-2019-5062

Cybersecurity Help s.r.o.

Published: 2019-12-16

Vulnerability identifier: #VU23611

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-5062

CWE-ID: CWE-440

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
hostapd
Server applications / Remote access servers, VPN

Vendor: Jouni Malinen

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the 802.11w security state handling connected clients with valid 802.11w sessions. A remote attacker on the local network can simulate an incomplete new association, trigger a deauthentication against stations using 802.11w and cause a denial of service condition on the target system.

Note: This vulnerability affects hostapd on a Raspberry Pi.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

hostapd: 2.6

External links
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in W1.fi hostapd