{"id":"CVE-2020-12638","details":"An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encryption.","modified":"2026-05-18T09:04:57.219570Z","published":"2020-07-23T16:15:12.490Z","references":[{"type":"ADVISORY","url":"https://github.com/espressif/ESP8266_NONOS_SDK"},{"type":"ADVISORY","url":"https://github.com/espressif/ESP8266_RTOS_SDK"},{"type":"ADVISORY","url":"https://github.com/espressif/esp-idf"},{"type":"FIX","url":"https://lbsfilm.at/blog/wpa2-authenticationmode-downgrade-in-espressif-microprocessors"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/espressif/esp-idf","events":[{"introduced":"0"},{"last_affected":"ee899cb2aac50349bb83524910f4f34920579386"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"4.2"}]}}],"versions":["v4.2-dev","v4.1-dev","v4.0-dev","v3.3-beta2","v3.3-beta1","v3.2-beta1","v3.3-dev","v3.1-beta1","v3.2-dev","v3.1-dev","v2.1-rc1","v3.0-dev","v2.0-rc1","v1.0","v0.9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-12638.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/espressif/esp8266_nonos_sdk","events":[{"introduced":"0"},{"last_affected":"3fe474e040450e0ab72ea75f8f00c3d9c6279025"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:espressif:esp8266_nonos_sdk:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"3.0.3"}]}}],"versions":["v3.0.3","v3.0.2","v3.0","v2.2.0","v2.1.0","v2.0.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-12638.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/espressif/esp8266_rtos_sdk","events":[{"introduced":"0"},{"last_affected":"9f9ee5a97b4818b110bde88eb60c602569a0038d"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:espressif:esp8266_rtos_sdk:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"3.3"}]}}],"versions":["v3.2","v3.3-dev","v3.1-rc1","v3.2-dev","v3.1-dev","v3.0-rc1","v3.0-dev","v2.0.0","v2.0.0-rc1","v1.5.0","v1.4.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-12638.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}