8000 CVE-2020-12638 workaround for WPA downgrade attack by earlephilhower · Pull Request #7486 · esp8266/Arduino · GitHub
[go: up one dir, main page]
Skip to content

CVE-2020-12638 workaround for WPA downgrade attack #7486

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Jul 26, 2020
Merged

CVE-2020-12638 workaround for WPA downgrade attack #7486

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
40d62a5
CVE-2020-12638 workaround for WPA downgrade attack
earlephilhower Jul 25, 2020
8a7ad8e
Fix the debug message
earlephilhower Jul 26, 2020
f3342c3
Check for the downgrade in main WIFI event process
earlephilhower Jul 26, 2020
f89944b
Merge branch 'master' into cve12638
devyte Jul 26, 2020
2b5a75f
Merge branch 'master' into cve12638
earlephilhower Jul 26, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Fix the debug message
  • Loading branch information
@earlephilhower
earlephilhower committed Jul 26, 2020
commit 8a7ad8e2854df5781303642c897c338fe4b9c531
2 changes: 1 addition & 1 deletion libraries/ESP8266WiFi/src/ESP8266WiFiGeneric.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -136,7 +136,7 @@ WiFiEventHandler ESP8266WiFiGenericClass::onStationModeAuthModeChanged(std::func
if ((src.old_mode != AUTH_OPEN) && (src.new_mode == AUTH_OPEN)) {
// CVE-2020-12638 workaround. When we get a change to AUTH_OPEN from any other mode, drop the WiFi link because it's a downgrade attack
// TODO - When upgrading to 3.x.x with fix, remove this code
DEBUG_WIFI("WIFI_EVENT_STAMODE_AUTHMODE_CHANGE downgrade from %s to AUTH_OPEN, potential downgrade attack. Reconnecting WiFi. See CVE-2020-12638 for more details\n");
DEBUG_WIFI("WIFI_EVENT_STAMODE_AUTHMODE_CHANGE from encrypted(%d) to AUTH_OPEN, potential downgrade attack. Reconnecting WiFi. See CVE-2020-12638 for more details\n", src.old_mode);
WiFi.reconnect(); // Disconnects from STA and then reconnects
}
dst.oldMode = src.old_mode;
Expand Down
0