Ieee : Security Vulnerabilities, CVEs, CVSS score >= 6
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.
Max CVSS
7.5
EPSS Score
0.06%
Published
2023-04-15
Updated
2023-09-07
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. NOTE: this was reported in 2008 to affect Windows Vista, but some Linux-based operating systems have protection mechanisms against this attack.
Max CVSS
7.2
EPSS Score
0.18%
Published
2005-03-01
Updated
2018-10-19
2 vulnerabilities found