1. Home
  2. Vulnerabilities
  3. CVE-2020-26146

CVE-2020-26146

CVSS v3.1 5.3 (Medium)
53% Progress
CVSS v2.0 2.9 (Low)
29% Progress
EPSS 0.12 % (47th)
0.12% Progress
Affected Products 38
Advisories 6
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

Weaknesses
CWE-20
Improper Input Validation
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2021-05-11 20:15:08
(3 years ago)
Updated Date
2021-12-06 13:45:13
(2 years ago)

Affected Products

Arista

Samsung

Siemens

Configuration #1

AND
    CPE23 From Up To
OR  
  Samsung Galaxy I9305 Firmware 4.4.4 cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4
OR  
  Running on/with
  Samsung Galaxy I9305 cpe:2.3:h:samsung:galaxy_i9305:-

Configuration #2

AND
    CPE23 From Up To
OR  
  Arista C-250 Firmware prior 10.0.1-31 version cpe:2.3:o:arista:c-250_firmware < 10.0.1-31
OR  
  Running on/with
  Arista C-250 cpe:2.3:h:arista:c-250:-

Configuration #3

AND
    CPE23 From Up To
OR  
  Arista C-260 Firmware prior 10.0.1-31 version cpe:2.3:o:arista:c-260_firmware < 10.0.1-31
OR  
  Running on/with
  Arista C-260 cpe:2.3:h:arista:c-260:-

Configuration #4

AND
    CPE23 From Up To
OR  
  Arista C-230 Firmware prior 10.0.1-31 version cpe:2.3:o:arista:c-230_firmware < 10.0.1-31
OR  
  Running on/with
  Arista C-230 cpe:2.3:h:arista:c-230:-

Configuration #5

AND
    CPE23 From Up To
OR  
  Arista C-235 Firmware prior 10.0.1-31 version cpe:2.3:o:arista:c-235_firmware < 10.0.1-31
OR  
  Running on/with
  Arista C-235 cpe:2.3:h:arista:c-235:-

Configuration #6

AND
    CPE23 From Up To
OR  
  Arista C-200 Firmware prior 11.0.0-36 version cpe:2.3:o:arista:c-200_firmware < 11.0.0-36
OR  
  Running on/with
  Arista C-200 cpe:2.3:h:arista:c-200:-

Configuration #7

AND
    CPE23 From Up To
OR  
  Arista C-120 Firmware prior 11.0.0-36 version cpe:2.3:o:arista:c-120_firmware < 11.0.0-36
OR  
  Running on/with
  Arista C-120 cpe:2.3:h:arista:c-120:-

Configuration #8

AND
    CPE23 From Up To
OR  
  Arista C-130 Firmware prior 11.0.0-36 version cpe:2.3:o:arista:c-130_firmware < 11.0.0-36
OR  
  Running on/with
  Arista C-130 cpe:2.3:h:arista:c-130:-

Configuration #9

AND
    CPE23 From Up To
OR  
  Arista C-100 Firmware prior 11.0.0-36 version cpe:2.3:o:arista:c-100_firmware < 11.0.0-36
OR  
  Running on/with
  Arista C-100 cpe:2.3:h:arista:c-100:-

Configuration #10

AND
    CPE23 From Up To
OR  
  Arista C-110 Firmware prior 11.0.0-36 version cpe:2.3:o:arista:c-110_firmware < 11.0.0-36
OR  
  Running on/with
  Arista C-110 cpe:2.3:h:arista:c-110:-

Configuration #11

AND
    CPE23 From Up To
OR  
  Arista O-105 Firmware prior 11.0.0-36 version cpe:2.3:o:arista:o-105_firmware < 11.0.0-36
OR  
  Running on/with
  Arista O-105 cpe:2.3:h:arista:o-105:-

Configuration #12

AND
    CPE23 From Up To
OR  
  Arista W-118 Firmware prior 11.0.0-36 version cpe:2.3:o:arista:w-118_firmware < 11.0.0-36
OR  
  Running on/with
  Arista W-118 cpe:2.3:h:arista:w-118:-

Configuration #13

AND
    CPE23 From Up To
OR  
  Arista C-75 Firmware cpe:2.3:o:arista:c-75_firmware:-
OR  
  Running on/with
  Arista C-75 cpe:2.3:h:arista:c-75:-

Configuration #14

AND
    CPE23 From Up To
OR  
  Arista O-90 Firmware cpe:2.3:o:arista:o-90_firmware:-
OR  
  Running on/with
  Arista O-90 cpe:2.3:h:arista:o-90:-

Configuration #15

AND
    CPE23 From Up To
OR  
  Arista C-65 Firmware cpe:2.3:o:arista:c-65_firmware:-
OR  
  Running on/with
  Arista C-65 cpe:2.3:h:arista:c-65:-

Configuration #16

AND
    CPE23 From Up To
OR  
  Arista W-68 Firmware cpe:2.3:o:arista:w-68_firmware:-
OR  
  Running on/with
  Arista W-68 cpe:2.3:h:arista:w-68:-

Configuration #17

AND
    CPE23 From Up To
OR  
  Siemens Scalance W700 Ieee 802.11n Firmware cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware
OR  
  Running on/with
  Siemens Scalance W700 Ieee 802.11n cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-

Configuration #18

AND
    CPE23 From Up To
OR  
  Siemens Scalance W1700 Ieee 802.11ac Firmware cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware
OR  
  Running on/with
  Siemens Scalance W1700 Ieee 802.11ac cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-

Configuration #19

AND
    CPE23 From Up To
OR  
  Siemens Scalance W1750d Firmware prior 8.7.1.3 version cpe:2.3:o:siemens:scalance_w1750d_firmware < 8.7.1.3
OR  
  Running on/with
  Siemens Scalance W1750d cpe:2.3:h:siemens:scalance_w1750d:-