Unrated severityNVD Advisory· Published Jan 6, 2012· Updated Apr 29, 2026

CVE-2011-5053

Description

The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is used, does not properly inform clients about failed PIN authentication, which makes it easier for remote attackers to discover the PIN value, and consequently discover the Wi-Fi network password or reconfigure an access point, by reading EAP-NACK messages.

Affected products

Wi Fi/WiFi Protected Setup Protocol
cpe:2.3:a:wi-fi:wifi_protected_setup_protocol:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/723755nvdUS Government Resource
www.us-cert.gov/cas/techalerts/TA12-006A.htmlnvdUS Government Resource
code.google.com/p/reaver-wps/nvd
sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdfnvd
sviehb.wordpress.com/2011/12/27/wi-fi-protected-setup-pin-brute-force-vulnerability/nvd
tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wpsnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.020
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000