CVE-2022-47522

Exploit

EPSS 16.14%
Veröffentlicht 15.04.2023 02:15:07
Zuletzt bearbeitet 06.02.2025 16:15:31
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ieee ≫ Ieee 802.11

Sonicwall ≫ Tz670 Firmware Version-

Sonicwall ≫ Tz670 Version-

Sonicwall ≫ Tz570 Firmware Version-

Sonicwall ≫ Tz570 Version-

Sonicwall ≫ Tz570p Firmware Version-

Sonicwall ≫ Tz570p Version-

Sonicwall ≫ Tz570w Firmware Version-

Sonicwall ≫ Tz570w Version-

Sonicwall ≫ Tz470 Firmware Version-

Sonicwall ≫ Tz470 Version-

Sonicwall ≫ Tz470w Firmware Version-

Sonicwall ≫ Tz470w Version-

Sonicwall ≫ Tz370 Firmware Version-

Sonicwall ≫ Tz370 Version-

Sonicwall ≫ Tz370w Firmware Version-

Sonicwall ≫ Tz370w Version-

Sonicwall ≫ Tz270 Firmware Version-

Sonicwall ≫ Tz270 Version-

Sonicwall ≫ Tz270w Firmware Version-

Sonicwall ≫ Tz270w Version-

Sonicwall ≫ Tz600 Firmware Version-

Sonicwall ≫ Tz600 Version-

Sonicwall ≫ Tz600p Firmware Version-

Sonicwall ≫ Tz600p Version-

Sonicwall ≫ Tz500 Firmware Version-

Sonicwall ≫ Tz500 Version-

Sonicwall ≫ Tz500w Firmware Version-

Sonicwall ≫ Tz500w Version-

Sonicwall ≫ Tz400 Firmware Version-

Sonicwall ≫ Tz400 Version-

Sonicwall ≫ Tz400w Firmware Version-

Sonicwall ≫ Tz400w Version-

Sonicwall ≫ Tz350 Firmware Version-

Sonicwall ≫ Tz350 Version-

Sonicwall ≫ Tz350w Firmware Version-

Sonicwall ≫ Tz350w Version-

Sonicwall ≫ Tz300 Firmware Version-

Sonicwall ≫ Tz300 Version-

Sonicwall ≫ Tz300p Firmware Version-

Sonicwall ≫ Tz300p Version-

Sonicwall ≫ Tz300w Firmware Version-

Sonicwall ≫ Tz300w Version-

Sonicwall ≫ Soho 250 Firmware Version-

Sonicwall ≫ Soho 250 Version-

Sonicwall ≫ Soho 250w Firmware Version-

Sonicwall ≫ Soho 250w Version-

Sonicwall ≫ Sonicwave 231c Firmware Version-

Sonicwall ≫ Sonicwave 231c Version-

Sonicwall ≫ Sonicwave 224w Firmware Version-

Sonicwall ≫ Sonicwave 224w Version-

Sonicwall ≫ Sonicwave 432o Firmware Version-

Sonicwall ≫ Sonicwave 432o Version-

Sonicwall ≫ Sonicwave 621 Firmware Version-

Sonicwall ≫ Sonicwave 621 Version-

Sonicwall ≫ Sonicwave 641 Firmware Version-

Sonicwall ≫ Sonicwave 641 Version-

Sonicwall ≫ Sonicwave 681 Firmware Version-

Sonicwall ≫ Sonicwave 681 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	16.14%	0.946

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	1.6	5.9	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	1.6	5.9	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

https://papers.mathyvanhoef.com/usenix2023-wifi.pdf

Third Party Advisory

Exploit

Technical Description

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006

Third Party Advisory

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc

https://www.wi-fi.org/discover-wi-fi/passpoint

Not Applicable

https://nvd.nist.gov/vuln/detail/CVE-2022-47522

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-47522

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-47522

EUVD