CVE-2020-26145
6.5
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD
Description
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
Affected (13)
Products: Samsung: Galaxy I9305 Firmware · Siemens: 6gk5763 1al00 7da0 Firmware, 6gk5766 1ge00 7da0 Firmware, 6gk5766 1ge00 7db0 Firmware, 6gk5766 1je00 7da0 Firmware, 6gk5766 1ge00 7ta0 Firmware, 6gk5766 1ge00 7tb0 Firmware, 6gk5766 1je00 7ta0 Firmware, 6gk5763 1al00 3aa0 Firmware, 6gk5763 1al00 3da0 Firmware, 6gk5766 1ge00 3da0 Firmware, 6gk5766 1ge00 3db0 Firmware, 6gk5766 1je00 3da0 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 4.4.4 |
| Running on/with | Platform Versions |
|---|---|
Samsung Galaxy I9305 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5763 1al00 7da0 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1ge00 7da0 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1ge00 7db0 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1je00 7da0 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1ge00 7ta0 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1ge00 7tb0 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1je00 7ta0 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5763 1al00 3aa0 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5763 1al00 3da0 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1ge00 3da0 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1ge00 3db0 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 1.2 |
| Running on/with | Platform Versions |
|---|---|
Siemens 6gk5766 1je00 3da0 | All versions |
References (9)
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
Timeline
No history available yet.