Medium
The vulnerability exists because after an affected device handles a disassociation event it could send a limited number of Wi-Fi frames encrypted with a static, weak PTK. An attacker could exploit this vulnerability by acquiring these frames and decrypting them with the static PTK. A successful exploit could allow the attacker to decrypt Wi-Fi frames without the knowledge of the security session establishment used to secure the Wi-Fi network.
Information Disclosure
Cisco will released the upgraded patches to address the vulnerability. List of affected products can be found here: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure