diff --git a/epan/dissectors/packet-ieee80211.c b/epan/dissectors/packet-ieee80211.c
index fda0a1d32f..d78b7df44c 100644
--- a/epan/dissectors/packet-ieee80211.c
+++ b/epan/dissectors/packet-ieee80211.c
@@ -19554,6 +19554,15 @@ static conversation_t *find_wlan_conversation_pinfo(packet_info *pinfo)
   return find_conversation_pinfo(pinfo, 0);
 }
 
+static gboolean determine_nonce_is_set(tvbuff_t *tvb) {
+  int offset;
+
+  for (offset = 12; offset < 12 + 32; offset++)
+    if (tvb_get_guint8(tvb, offset))
+      return TRUE;
+  return FALSE;
+}
+
 static guint16 determine_mic_len(packet_info *pinfo, gboolean assoc_frame,
                                  gboolean *defaulted) {
   guint16 eapol_key_mic_len = 16; /* Default MIC length */
@@ -35715,6 +35724,7 @@ dissect_wlan_rsna_eapol_wpa_or_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_
     NULL
   };
   guint16 eapol_data_offset = 76;  /* 92 - 16 */
+  gboolean has_nonce = determine_nonce_is_set(tvb);
   gboolean defaulted_mic_len = FALSE;
   guint16 eapol_key_mic_len = determine_mic_len(pinfo, FALSE, &defaulted_mic_len);
   save_proto_data_value(pinfo, eapol_key_mic_len, MIC_LEN_KEY);
@@ -35775,11 +35785,14 @@ dissect_wlan_rsna_eapol_wpa_or_rsn_key(tvbuff_t *tvb, packet_info *pinfo, proto_
       use the Secure Bit and/or the Nonce, but there are implementations ignoring the spec.
       The Secure Bit is incorrectly set on rekeys for Windows clients for Message 2 and the Nonce is non-zero
       in Message 4 in Bug 11994 (Apple?) */
+      /* In Wi-SUN protocol, message 2 does not contains any data. However, all the implementations
+       * respect 802.11X, so Secure Bit is set only on message 2 and Nonce is set only on message 4
+       * (see section 6.5.2.3 of Wi-SUN specification) */
       /* When using AES-SIV without plaintext (i.e. only for integrity), the ciphertext has length 16 */
       /* With MLO message 4 will have 12 bytes of data */
       if (((eapol_key_mic_len == 0) && (eapol_data_len > 16)) ||
-          ((eapol_key_mic_len > 0) && (eapol_data_len != 0) &&
-           (eapol_data_len != 12))) {
+          ((eapol_key_mic_len > 0) && (eapol_data_len == 0) && !(keyinfo & KEY_INFO_SECURE_MASK) && has_nonce) ||
+          ((eapol_key_mic_len > 0) && (eapol_data_len != 0) && (eapol_data_len != 12))) {
         ti = proto_tree_add_uint(tree, hf_wlan_rsna_eapol_wpa_keydes_msgnr, tvb, offset, 0, 2);
 
         col_set_str(pinfo->cinfo, COL_INFO, "Key (Message 2 of 4)");