PT-2023-2034 · Unknown+1 · Ieee 802.11+1
Published: 2023-03-28 · Updated: 2023-09-07
CVE-2022-47522
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
IEEE 802.11 specifications through 802.11ax
Description
The issue allows physically proximate attackers to intercept target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key. The vulnerability can be exploited to bypass encryption in wireless networks and may be used to intercept traffic from isolated clients.
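The queue behaviour described above, as an added toy model that is not part of the original advisory or of any vendor's code. The class ToyAP, its methods, the key label and the MAC address are all constructed for illustration; the model only tracks which pairwise key is installed when a buffered frame leaves the queue, and compares an access point that keeps its transmit queue on key removal with one that purges it first.

```python
from collections import deque

class ToyAP:
    """Hypothetical access point model: one transmit queue per station MAC."""
    def __init__(self, purge_on_key_removal):
        self.purge_on_key_removal = purge_on_key_removal
        self.key = {}        # MAC -> label of the installed pairwise key
        self.asleep = set()  # MACs that announced power-save mode
        self.queue = {}      # MAC -> frames buffered for that station
        self.sent = []       # (MAC, payload, key label at transmit time)

    def install_key(self, mac, label):
        self.key[mac] = label

    def power_save(self, mac, sleeping):
        if sleeping:
            self.asleep.add(mac)
        else:
            self.asleep.discard(mac)
            self._flush(mac)

    def deliver(self, mac, payload):
        # Frames for a sleeping station are buffered, not transmitted.
        self.queue.setdefault(mac, deque()).append(payload)
        if mac not in self.asleep:
            self._flush(mac)

    def remove_key(self, mac):
        # The mitigation: drop buffered frames before the key goes away.
        if self.purge_on_key_removal:
            self.queue.get(mac, deque()).clear()
        self.key.pop(mac, None)

    def _flush(self, mac):
        q = self.queue.get(mac, deque())
        while q:
            self.sent.append((mac, q.popleft(), self.key.get(mac)))

def frames_outside_original_context(purge):
    """Frames that left the queue without the original pairwise key."""
    ap, mac = ToyAP(purge), "02:00:00:00:00:01"  # constructed MAC
    ap.install_key(mac, "PTK-original")
    ap.power_save(mac, True)        # station is marked as sleeping
    ap.deliver(mac, "frame-1")      # buffered under the original context
    ap.deliver(mac, "frame-2")
    ap.remove_key(mac)              # original security context removed
    ap.power_save(mac, False)       # queue is released afterwards
    return [f for f in ap.sent if f[2] != "PTK-original"]
```

A key label of None in the result means only that the original key was no longer installed at transmit time; what protection a real access point applies at that point is implementation-specific and outside this model.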
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Inadequate Encryption Strength
Authentication Bypass by Spoofing
Related Identifiers
Affected Products
FreeBSD
IEEE 802.11