diff -Nur orig-wpa_supplicant-2.6/src/eap_peer/eap_pwd.c wpa_supplicant-2.6/src/eap_peer/eap_pwd.c
--- orig-wpa_supplicant-2.6/src/eap_peer/eap_pwd.c 2020-02-03 19:32:18.847432926 +0800
+++ wpa_supplicant-2.6/src/eap_peer/eap_pwd.c 2020-02-03 19:33:32.688400551 +0800
@@ -451,6 +451,26 @@
 goto fin;
 }
+ /* verify received scalar */
+ if (crypto_bignum_is_zero(data->server_scalar) ||
+ crypto_bignum_is_one(data->server_scalar) ||
+ crypto_bignum_cmp(data->server_scalar,
+ crypto_ec_get_order(data->grp->group)) >= 0) {
+ wpa_printf(MSG_INFO,
+ "EAP-PWD (peer): received scalar is invalid");
+ goto fin;
+ }
+
+ /* verify received element */
+ if (!crypto_ec_point_is_on_curve(data->grp->group,
+ data->server_element) ||
+ crypto_ec_point_is_at_infinity(data->grp->group,
+ data->server_element)) {
+ wpa_printf(MSG_INFO,
+ "EAP-PWD (peer): received element is invalid");
+ goto fin;
+ }
+
+ /* compute the shared key, k */
 if ((!EC_POINT_mul(data->grp->group, K, NULL, data->grp->pwe, data->server_scalar, data->bnctx)) ||
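Review bot: The added checks pass `data->grp->group` to `crypto_ec_get_order()`, `crypto_ec_point_is_on_curve()` and `crypto_ec_point_is_at_infinity()`, while the unchanged `EC_POINT_mul(data->grp->group, ...)` call directly below uses that same field as an OpenSSL `EC_GROUP *`. If that is its type in this tree, the crypto_* wrappers (which expect a `struct crypto_ec *`) would read the wrong object, so the order comparison and the on-curve test could not be relied on to reject an invalid server scalar or element, and the compiler would at most warn about the pointer type. The validation should use the same API as the surrounding code, for example `if (!EC_POINT_is_on_curve(data->grp->group, data->server_element, data->bnctx) || EC_POINT_is_at_infinity(data->grp->group, data->server_element))`, with `BN_is_zero`/`BN_is_one`/`BN_cmp` against the group order for the scalar. The enclosing function starts and ends outside this hunk, so the field declarations are not visible here and should be confirmed before merging.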