Severity
5.3 MEDIUM
EPSS
1.5%
top 18.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published May 11
Latest update May 24

Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 1.6 | Impact: 3.6

Affected Packages (13 packages)

NVD arista/c-100_firmware < 11.0.0-36
NVD arista/c-110_firmware < 11.0.0-36
NVD arista/c-120_firmware < 11.0.0-36
NVD arista/c-130_firmware < 11.0.0-36

Vulnerability Details (3)

GHSA
GHSA-pwgj-jw9h-pg74: An issue was discovered on Samsung Galaxy S3 i9305 4 (2022-05-24)
CVEList
CVE-2020-26146: An issue was discovered on Samsung Galaxy S3 i9305 4 (2021-05-11)
OSV
CVE-2020-26146: An issue was discovered on Samsung Galaxy S3 i9305 4 (2021-05-11)

Vendor Advisories (3)

Android
CVE-2020-26146: WLAN (2021-10-01)
Red Hat
kernel: reassembling encrypted fragments with non-consecutive packet numbers (2021-05-11)
Cisco
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 (2021-05-11)