CVE-2020-26140 — Use of a Broken or Risky Cryptographic Algorithm in Awus036h Firmware

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm CWE-346 — Origin Validation Error CWE-345 — Insufficient Verification of Data Authenticity CWE-772 — Missing Release of Resource after Effective Lifetime CWE-99 — Resource Injection CWE-74 — Injection8 documents8 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 63.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Alfa Awus036h Firmware

Timeline

PublishedMay 11

Latest updateMay 24

Description

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDalfa/awus036h_firmware6.1316.1209

🔴Vulnerability Details

GHSA

GHSA-px4f-q3pw-j682: An issue was discovered in the ALFA Windows 10 driver 6↗2022-05-24

▶

OSV

CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6↗2021-05-11

▶

CVEList

CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6↗2021-05-11

▶

📋Vendor Advisories

Android

CVE-2020-26140: Closed-source component↗2021-10-01

▶

Red Hat

kernel: accepting plaintext data frames in protected networks↗2021-05-11

▶

Cisco

Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021↗2021-05-11

▶

💬Community

HackerOne

Fragmentation and Aggregation Flaws in Wi-Fi↗2021-07-23

▶