CVE-2020-26144

CVSS v3.1 6.5 (Medium)

CVSS v2.0 3.3 (Low)

EPSS 0.12 % (47^th)

Affected Products 36

Advisories 8

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

Weaknesses

CWE-20: Improper Input Validation

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2021-05-11 20:15:08
(3 years ago)
Updated Date: 2021-12-04 01:48:31
(2 years ago)

Affected Products

Arista

Samsung

Siemens

Configuration #1

AND

		CPE23
OR
	Samsung Galaxy I9305 Firmware 4.4.4	cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4
OR
	Running on/with
	Samsung Galaxy I9305	cpe:2.3:h:samsung:galaxy_i9305:-

Configuration #2

AND

		CPE23	Up To
OR
	Arista C-250 Firmware prior 10.0.1-31 version	cpe:2.3:o:arista:c-250_firmware	< 10.0.1-31
OR
	Running on/with
	Arista C-250	cpe:2.3:h:arista:c-250:-

Configuration #3

AND

		CPE23	Up To
OR
	Arista C-260 Firmware prior 10.0.1-31 version	cpe:2.3:o:arista:c-260_firmware	< 10.0.1-31
OR
	Running on/with
	Arista C-260	cpe:2.3:h:arista:c-260:-

Configuration #4

AND

		CPE23	Up To
OR
	Arista C-230 Firmware prior 10.0.1-31 version	cpe:2.3:o:arista:c-230_firmware	< 10.0.1-31
OR
	Running on/with
	Arista C-230	cpe:2.3:h:arista:c-230:-

Configuration #5

AND

		CPE23	Up To
OR
	Arista C-235 Firmware prior 10.0.1-31 version	cpe:2.3:o:arista:c-235_firmware	< 10.0.1-31
OR
	Running on/with
	Arista C-235	cpe:2.3:h:arista:c-235:-

Configuration #6

AND

		CPE23	Up To
OR
	Arista C-200 Firmware prior 11.0.0-36 version	cpe:2.3:o:arista:c-200_firmware	< 11.0.0-36
OR
	Running on/with
	Arista C-200	cpe:2.3:h:arista:c-200:-

Configuration #7

AND

		CPE23	Up To
OR
	Arista C-120 Firmware prior 11.0.0-36 version	cpe:2.3:o:arista:c-120_firmware	< 11.0.0-36
OR
	Running on/with
	Arista C-120	cpe:2.3:h:arista:c-120:-

Configuration #8

AND

		CPE23	Up To
OR
	Arista C-130 Firmware prior 11.0.0-36 version	cpe:2.3:o:arista:c-130_firmware	< 11.0.0-36
OR
	Running on/with
	Arista C-130	cpe:2.3:h:arista:c-130:-

Configuration #9

AND

		CPE23	Up To
OR
	Arista C-100 Firmware prior 11.0.0-36 version	cpe:2.3:o:arista:c-100_firmware	< 11.0.0-36
OR
	Running on/with
	Arista C-100	cpe:2.3:h:arista:c-100:-

Configuration #10

AND

		CPE23	Up To
OR
	Arista C-110 Firmware prior 11.0.0-36 version	cpe:2.3:o:arista:c-110_firmware	< 11.0.0-36
OR
	Running on/with
	Arista C-110	cpe:2.3:h:arista:c-110:-

Configuration #11

AND

		CPE23	Up To
OR
	Arista O-105 Firmware prior 11.0.0-36 version	cpe:2.3:o:arista:o-105_firmware	< 11.0.0-36
OR
	Running on/with
	Arista O-105	cpe:2.3:h:arista:o-105:-

Configuration #12

AND

		CPE23	Up To
OR
	Arista W-118 Firmware prior 11.0.0-36 version	cpe:2.3:o:arista:w-118_firmware	< 11.0.0-36
OR
	Running on/with
	Arista W-118	cpe:2.3:h:arista:w-118:-

Configuration #13

AND

		CPE23
OR
	Arista C-75 Firmware	cpe:2.3:o:arista:c-75_firmware:-
OR
	Running on/with
	Arista C-75	cpe:2.3:h:arista:c-75:-

Configuration #14

AND

		CPE23
OR
	Arista O-90 Firmware	cpe:2.3:o:arista:o-90_firmware:-
OR
	Running on/with
	Arista O-90	cpe:2.3:h:arista:o-90:-

Configuration #15

AND

		CPE23
OR
	Arista C-65 Firmware	cpe:2.3:o:arista:c-65_firmware:-
OR
	Running on/with
	Arista C-65	cpe:2.3:h:arista:c-65:-

Configuration #16

AND

		CPE23
OR
	Arista W-68 Firmware	cpe:2.3:o:arista:w-68_firmware:-
OR
	Running on/with
	Arista W-68	cpe:2.3:h:arista:w-68:-

Configuration #17

AND

		CPE23
OR
	Siemens Scalance W700 Ieee 802.11ax Firmware	cpe:2.3:o:siemens:scalance_w700_ieee_802.11ax_firmware
OR
	Running on/with
	Siemens Scalance W700 Ieee 802.11ax	cpe:2.3:h:siemens:scalance_w700_ieee_802.11ax:-

Configuration #18

AND

		CPE23
OR
	Siemens Scalance W700 Ieee 802.11n Firmware	cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware
OR
	Running on/with
	Siemens Scalance W700 Ieee 802.11n	cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-