<![CDATA[ESP32/ESP8266 (CVE-2019-12586) and (CVE-2019-12587)]]>

<![CDATA[ESP32/ESP8266 (CVE-2019-12586) and (CVE-2019-12587)]]>hi all,
Look like core code must be updated asap.
Patch
https://github.com/espressif/esp-idf/commit/8009320fb44abaf8acf8a1e1a38a67fc4c8d458c

ESP32/ESP8266 EAP client crash (CVE-2019-12586)
Crashing ESP devices connected to enterprise networks

And another
Zero PMK Installation (CVE-2019-12587)
Hijacking ESP32/ESP8266 clients connected to enterprise networks

]]>https://community.m5stack.com/topic/1287/esp32-esp8266-cve-2019-12586-and-cve-2019-12587RSS for NodeMon, 11 May 2026 14:20:27 GMTWed, 04 Sep 2019 07:53:44 GMT60