CVE-2020-26146
CVSS v3.1
5.3 (Medium)
CVSS v2.0
2.9 (Low)
EPSS
0.12 % (47th)
Affected Products
38
Advisories
6
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.
Weaknesses
- CWE-20
- Improper Input Validation
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2021-05-11 20:15:08
(3 years ago) - Updated Date
-
2021-12-06 13:45:13
(2 years ago)
Affected Products
- C-100
- C-110
- C-120
- C-130
- C-200
- C-230
- C-235
- C-250
- C-260
- C-65
- C-75
- O-105
- O-90
- W-118
- W-68
- C-100 Firmware
- C-110 Firmware
- C-120 Firmware
- C-130 Firmware
- C-200 Firmware
- C-230 Firmware
- C-235 Firmware
- C-250 Firmware
- C-260 Firmware
- C-65 Firmware
- C-75 Firmware
- O-105 Firmware
- O-90 Firmware
- W-118 Firmware
- W-68 Firmware
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Configuration #2
AND |
|
---|
Configuration #3
AND |
|
---|
Configuration #4
AND |
|
---|
Configuration #5
AND |
|
---|
Configuration #6
AND |
|
---|
Configuration #7
AND |
|
---|
Configuration #8
AND |
|
---|
Configuration #9
AND |
|
---|
Configuration #10
AND |
|
---|
Configuration #11
AND |
|
---|
Configuration #12
AND |
|
---|
Configuration #13
AND |
|
---|
Configuration #14
AND |
|
---|
Configuration #15
AND |
|
---|
Configuration #16
AND |
|
---|
Configuration #17
AND |
|
---|
Configuration #18
AND |
|
---|
Configuration #19
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...