An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2021/05/11/12 | Mailing List Third Party Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf | Third Party Advisory |
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md | Third Party Advisory |
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu | Third Party Advisory |
https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63 | Third Party Advisory |
https://www.fragattacks.com | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
History
04 Dec 2021, 01:48
Type | Values Removed | Values Added |
---|---|---|
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu - Third Party Advisory | |
References | (MISC) https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63 - Third Party Advisory | |
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf - Third Party Advisory | |
CPE | cpe:2.3:o:arista:c-235_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:arista:w-118_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:arista:c-100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:arista:c-110_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:arista:o-105_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:arista:o-105:-:*:*:*:*:*:*:* cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:* cpe:2.3:h:arista:c-130:-:*:*:*:*:*:*:* cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:* cpe:2.3:h:arista:c-110:-:*:*:*:*:*:*:* cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:* cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arista:c-120_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:* cpe:2.3:h:arista:c-120:-:*:*:*:*:*:*:* cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:* cpe:2.3:o:arista:c-260_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:arista:w-118:-:*:*:*:*:*:*:* cpe:2.3:o:arista:c-130_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:scalance_w700_ieee_802.11ax:-:*:*:*:*:*:*:* cpe:2.3:o:arista:c-200_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_w700_ieee_802.11ax_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:* cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:* cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:* cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:* cpe:2.3:o:arista:c-250_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:arista:c-100:-:*:*:*:*:*:*:* |
28 Oct 2021, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 May 2021, 19:02
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-20 | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/05/11/12 - Mailing List, Third Party Advisory | |
References | (MISC) https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md - Third Party Advisory | |
References | (MISC) https://www.fragattacks.com - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 3.3
v3 : 6.5 |
CPE | cpe:2.3:h:samsung:galaxy_i9305:-:*:*:*:*:*:*:* cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4:*:*:*:*:*:*:* |
Information
Published : 2021-05-11 20:15
Updated : 2024-02-04 21:47
NVD link : CVE-2020-26144
Mitre link : CVE-2020-26144
CVE.ORG link : CVE-2020-26144
JSON object : View
Products Affected
arista
- c-235
- c-200
- c-250_firmware
- o-105_firmware
- c-230_firmware
- c-110_firmware
- c-200_firmware
- c-110
- c-260_firmware
- c-235_firmware
- c-100
- c-65
- c-250
- w-118
- w-68_firmware
- c-120_firmware
- c-130
- o-90_firmware
- c-130_firmware
- c-260
- c-75_firmware
- o-90
- c-65_firmware
- w-118_firmware
- c-75
- w-68
- c-120
- o-105
- c-230
- c-100_firmware
siemens
- scalance_w700_ieee_802.11n_firmware
- scalance_w700_ieee_802.11n
- scalance_w700_ieee_802.11ax
- scalance_w700_ieee_802.11ax_firmware
samsung
- galaxy_i9305
- galaxy_i9305_firmware
CWE
CWE-20
Improper Input Validation