Lucene search
HistorySep 11, 2023 - 7:15 a.m.
CVE-2023-40039
arris
wi-fi
default wpa2-psk
vulnerability
beacon frame
remote attacker
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.003
Percentile
66.2%
An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame.
Affected configurations
Node
arristg852g_firmwareMatch-
arristg852gMatch-
Node
arristg862g_firmwareMatch-
arristg862gMatch-
Node
arristg1672g_firmwareMatch-
arristg1672gMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| arris | tg852g_firmware | - | cpe:2.3:o:arris:tg852g_firmware:-:*:*:*:*:*:*:* |
| arris | tg852g | - | cpe:2.3:h:arris:tg852g:-:*:*:*:*:*:*:* |
| arris | tg862g_firmware | - | cpe:2.3:o:arris:tg862g_firmware:-:*:*:*:*:*:*:* |
| arris | tg862g | - | cpe:2.3:h:arris:tg862g:-:*:*:*:*:*:*:* |
| arris | tg1672g_firmware | - | cpe:2.3:o:arris:tg1672g_firmware:-:*:*:*:*:*:*:* |
| arris | tg1672g | - | cpe:2.3:h:arris:tg1672g:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-40039
2023-09-11 00:00:00
prion
prion
Design/Logic Flaw
2023-09-11 07:15:00
cve
cve
CVE-2023-40039
2023-09-11 07:15:08
githubexploit
githubexploit
Exploit for CVE-2023-34761
2023-01-21 01:57:05
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.003
Percentile
66.2%
Related for NVD:CVE-2023-40039