Vulnerabilities > Espressif > Esp8266 Nonos SDK > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-04 | CVE-2019-12587 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Espressif Esp-Idf and Esp8266 Nonos SDK The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key (PMK) after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames via a rogue access point. | 8.1 |