CVE-2015-1863

Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.

Published: 2015-04-28 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2015-1863 is rated Moderate Risk (51.9/100): CVSS Medium severity, with high exploitation likelihood (EPSS 5.23%, 91th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2015-1863

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 8.55% 5.23% -3.32%
2 2025-12-01 5.38% 8.55% +3.17%
3 2025-05-10 5.38%

Full EPSS history (13 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2015-1863

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.8 2.0 MEDIUM
AV:A/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:A)
Requires access to an adjacent network segment.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
6.5 6.4 [email protected]

Weakness enumeration for CVE-2015-1863

OS Trackers for CVE-2015-1863

vendor priority summary link
debian not yet assigned CVE-2015-1863 not yet assigned priority: Debian including 1 source packages (wpa), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2015-1863
gentoo normal CVE-2015-1863: 1 GLSA(s) (201606-17), 2 atom(s) (net-wireless/hostapd, net-wireless/wpa_supplicant); latest impact normal. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2015-1863
redhat high https://access.redhat.com/security/cve/CVE-2015-1863
suse low CVE-2015-1863 severity low: SUSE including 25 source package names (hostapd-2.6-1.1, wpa_supplicant, …), 70 product×package rows across 61 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (61 product lines)): Fixed 40, Known Not Affected 30. https://www.suse.com/security/cve/CVE-2015-1863/
ubuntu medium CVE-2015-1863 medium priority: Ubuntu including 2 source packages (wpa, wpasupplicant), 12 status rows across 6 suites (lucid, precise, trusty, upstream, utopic, vivid): DNE 5, released 3, needs-triage 2, not-affected 2. https://ubuntu.com/security/CVE-2015-1863

Affected software / configurations for CVE-2015-1863

Vendor Product Version Raw CPE
canonical ubuntu_linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 14.10 cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
canonical ubuntu_linux 15.04 cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
w1.fi wpa_supplicant 1.0 cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
w1.fi wpa_supplicant 1.1 cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
w1.fi wpa_supplicant 2.0 cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
w1.fi wpa_supplicant 2.1 cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
w1.fi wpa_supplicant 2.2 cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
w1.fi wpa_supplicant 2.3 cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
w1.fi wpa_supplicant 2.4 cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
redhat enterprise_linux_desktop 7.0 cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_hpc_node 7.0 cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_hpc_node_eus 7.1 cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*
redhat enterprise_linux_server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
redhat enterprise_linux_server_eus 7.1 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*
redhat enterprise_linux_workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
debian debian_linux 7.0 cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debian debian_linux 8.0 cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
opensuse opensuse 13.1 cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
opensuse opensuse 13.2 cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

References for CVE-2015-1863

URL Tags
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html Third Party Advisory
http://packetstormsecurity.com/files/131598/Android-wpa_supplicant-Heap-Overflow.html Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2015-1090.html Third Party Advisory
http://seclists.org/fulldisclosure/2015/Apr/82 Third Party Advisory VDB Entry
http://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.p1ECc3&id=19
http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt Third Party Advisory
http://www.debian.org/security/2015/dsa-3233 Third Party Advisory
http://www.securityfocus.com/archive/1/535353/100/0/threaded
http://www.securityfocus.com/bid/74296
http://www.securitytracker.com/id/1032192 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2577-1 Third Party Advisory
https://security.gentoo.org/glsa/201606-17 Third Party Advisory
cvelogic Threat Intelligence