{"containers":{"cna":{"affected":[{"product":"Realtek RTL8195A Wi-Fi Module","vendor":"n/a","versions":[{"status":"affected","version":"Versions before 2020-04-21 (up to and excluding 2.08)"}]}],"descriptions":[{"lang":"en","value":"The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-121","description":"Stack buffer overflow (CWE-121)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-02-03T16:49:02.000Z","orgId":"6b4ace4a-d6e0-415b-9ce8-aa20e97e4b24","shortName":"VDOO"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.vdoo.com/blog/realtek-rtl8195a-vulnerabilities-discovered/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"vuln@vdoo.com","ID":"CVE-2020-25856","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Realtek RTL8195A Wi-Fi Module","version":{"version_data":[{"version_value":"Versions before 2020-04-21 (up to and excluding 2.08)"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Stack buffer overflow (CWE-121)"}]}]},"references":{"reference_data":[{"name":"https://www.vdoo.com/blog/realtek-rtl8195a-vulnerabilities-discovered/","refsource":"CONFIRM","url":"https://www.vdoo.com/blog/realtek-rtl8195a-vulnerabilities-discovered/"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T15:49:05.936Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.vdoo.com/blog/realtek-rtl8195a-vulnerabilities-discovered/"}]}]},"cveMetadata":{"assignerOrgId":"6b4ace4a-d6e0-415b-9ce8-aa20e97e4b24","assignerShortName":"VDOO","cveId":"CVE-2020-25856","datePublished":"2021-02-03T16:49:02.000Z","dateReserved":"2020-09-23T00:00:00.000Z","dateUpdated":"2024-08-04T15:49:05.936Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}