Vulnerability Report

CVE-2022-47522

Title: Sonicwall Tz570P Cryptographic Failures

Cryptographic Failures

Proof Of Concept

PoC Available for CVE-2022-47522

CWE Category CWE-290

Published Date Apr 15, 2023

Modified Date Feb 06, 2025

Exploit Status Available

Score 7.5 CVSS v3.1

Exploit Probability (EPSS)

12.59%

Vulnerability Summary

CVE-2022-47522: The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.

Impacted Vendors

ieee 1

sonicwall 29

Reference Links

https://papers.mathyvanhoef.com/usenix2023-wifi.pdf https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc https://www.wi-fi.org/discover-wi-fi/passpoint https://papers.mathyvanhoef.com/usenix2023-wifi.pdf https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0006 https://www.freebsd.org/security/advisories/FreeBSD-SA-23:11.wifi.asc https://www.wi-fi.org/discover-wi-fi/passpoint

CVSS v3.1

Source Entity [email protected]

Severity HIGH

7.5

Attack Vector

ADJACENT_NETWORK

Complexity

HIGH

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v3.1

Source Entity 134c704f-9b21-4f2e-91b3-4a467353bcc0

Severity HIGH

7.5

Attack Vector

ADJACENT_NETWORK

Complexity

HIGH

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2022-47522 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/toffeenutt/CVE-2022-47522-PoC

View Code

February 06, 2025 MODIFIED

Vulnerability data or affected products updated.

April 15, 2023 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector ADJACENT_NETWORK

Complexity HIGH

Privileges N/A

Interaction NONE

CVSS Vector String


                                    CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.