PT-2020-10031 · Mediatek · Mediatek Mt7620N

Published

2020-09-30

Updated

2021-07-21

CVE-2019-18989

CVSS v3.1

6.1

Medium

Vector

AC:L/AV:A/A:N/C:L/I:L/PR:N/S:C/UI:N

Name of the Vulnerable Software and Affected Versions Mediatek MT7620N version 1.06

Description A partial authentication bypass issue exists, allowing an attacker to send an unencrypted data frame to a WPA2-protected WLAN router. The packet is then routed through the network, and if successful, a response is sent back as an encrypted frame. This could enable an attacker to discern information or potentially modify data.

Recommendations For Mediatek MT7620N version 1.06, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Authentication Bypass by Spoofing

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-290

Related Identifiers

CVE-2019-18989

Affected Products

Mediatek Mt7620N

PT-2020-10031 · Mediatek · Mediatek Mt7620N

CVE-2019-18989

Weakness Enumeration

Related Identifiers

Affected Products

References · 3