CVE-2023-40039

An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
arristg852g_firmware
-
arristg862g_firmware
-
arristg1672g_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/actuator/cve/blob/main/Arris/CVE-2023-40039
https://i.ebayimg.com/images/g/-UcAAOSwDe1kyD-Z/s-l1600.png
https://i.ebayimg.com/images/g/4P0AAOSwdhxkrZtt/s-l1600.jpg
https://github.com/actuator/cve/blob/main/Arris/CVE-2023-40039
https://i.ebayimg.com/images/g/-UcAAOSwDe1kyD-Z/s-l1600.png
https://i.ebayimg.com/images/g/4P0AAOSwdhxkrZtt/s-l1600.jpg