PT-2023-8665 · Google+6 · Android+7
Héloïse Gollier +1 · Published 2023-07-08 · Updated 2025-02-03
CVE-2023-52160
CVSS v2.0: 8.3 High
Vector: AV:A/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
wpa_supplicant versions through 2.10
Description
The implementation of PEAP in wpa_supplicant allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication; an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Up to 2.3 billion user devices may be exposed to this issue, including Android, Linux, and ChromeOS devices.
Recommendations
For wpa_supplicant versions through 2.10, consider disabling the use of PEAP until a patch is available. Restrict access to Enterprise Wi-Fi networks to minimize the risk of exploitation. Avoid using configurations that do not verify the network's TLS certificate during Phase 1 authentication. As a temporary workaround, consider configuring wpa_supplicant to verify the network's TLS certificate during Phase 1 authentication to prevent authentication bypass.
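To find configurations that match the precondition above, the following added example (not part of the advisory or of the wpa_supplicant project) audits a wpa_supplicant.conf for network blocks that can negotiate PEAP but set neither `ca_cert` nor `ca_path`, in which case wpa_supplicant does not verify the server certificate. The sample configuration, file path and function names are constructed for illustration, and the parser assumes the plain `key=value` layout shown.

```python
# Constructed sample wpa_supplicant.conf (not taken from the advisory).
SAMPLE_CONF = '''
network={
    ssid="corp-unverified"
    key_mgmt=WPA-EAP
    eap=PEAP
}
network={
    ssid="corp-verified"
    key_mgmt=WPA-EAP
    eap=PEAP TTLS
    ca_cert="/etc/ssl/certs/example-corp-ca.pem"
}
network={
    ssid="corp-any-method"
    key_mgmt=WPA-EAP
}
'''

def parse_networks(text):
    """Return one {key: value} dict per network={...} block."""
    nets, cur = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("network={"):
            cur = {}
        elif cur is not None and line == "}":
            nets.append(cur)
            cur = None
        elif cur is not None and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            cur[key.strip()] = value.strip().strip('"')
    return nets

def peap_without_server_validation(text):
    """SSIDs of blocks that can negotiate PEAP but set neither ca_cert nor ca_path."""
    flagged = []
    for net in parse_networks(text):
        key_mgmt = net.get("key_mgmt", "").upper().split()
        uses_eap = any("EAP" in k or "8021X" in k for k in key_mgmt)
        methods = net.get("eap", "").upper().split()
        # With no eap= line, every compiled-in EAP method is accepted, PEAP included.
        peap_possible = "PEAP" in methods or (uses_eap and not methods)
        if peap_possible and not (net.get("ca_cert") or net.get("ca_path")):
            flagged.append(net.get("ssid", "<no ssid>"))
    return flagged

if __name__ == "__main__":
    print(peap_without_server_validation(SAMPLE_CONF))
```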
Exploit
Fix
Improper Authorization
Improper Authentication
Related Identifiers
Affected Products
AlmaLinux
Android
Astra Linux
ChromeOS
Red Hat
RED OS
Rocky Linux
SUSE