1. Home
  2. Vulnerabilities
  3. CVE-2020-26142

CVE-2020-26142

CVSS v3.1 5.3 (Medium)
53% Progress
CVSS v2.0 2.6 (Low)
26% Progress
EPSS 0.12 % (46th)
0.12% Progress
Affected Products 1
Advisories 2
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.

Weaknesses
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2021-05-11 20:15:08
(3 years ago)
Updated Date
2021-12-03 21:12:09
(2 years ago)

Affected Products

Openbsd

Configuration #1

    CPE23 From Up To
  Openbsd 6.6 cpe:2.3:o:openbsd:openbsd:6.6