vulnerability
FreeBSD: VID-924cb116-4d35-11ee-8e38-002590c1f29c (CVE-2022-47522): FreeBSD -- Wi-Fi encryption bypass
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:A/AC:M/Au:N/C:C/I:C/A:C) | Sep 7, 2023 | Sep 7, 2023 | Dec 10, 2025 |
Severity
8
CVSS
(AV:A/AC:M/Au:N/C:C/I:C/A:C)
Published
Sep 7, 2023
Added
Sep 7, 2023
Modified
Dec 10, 2025
Description
Problem Description: The net80211 subsystem would fallback to the multicast key for unicast traffic in the event the unicast key was removed. This would result in buffered unicast traffic being exposed to any stations with access to the multicast key. Impact: As described in the "Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues" paper, an attacker can induce an access point to buffer frames for a client, deauthenticate the client (causing the unicast key to be removed from the access point), and subsequent flushing of the buffered frames now encrypted with the multicast key. This would give the attacker access to the data.
Solutions
freebsd-upgrade-base-13_2-release-p3freebsd-upgrade-base-12_4-release-p5
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.