Lucene search

[email protected]CVE-2020-26140

HistoryMay 11, 2021 - 8:15 p.m.

CVE-2020-26140

2021-05-1120:15:00

CWE-327

[email protected]

web.nvd.nist.gov

227

alfa

windows

driver

vulnerability

plaintext frame

wep

wpa

wpa2

wpa3

wi-fi

network security

cve-2020-26140

6.5 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.5 Medium

AI Score

Confidence

High

3.3 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

51.9%

JSON

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

CPENameOperatorVersion
alfa:awus036h_firmwarealfa awus036h firmwareeq6.1316.1209
siemens:scalance_w1748-1_firmwaresiemens scalance w1748-1 firmwareeq-
siemens:scalance_w1750d_firmwaresiemens scalance w1750d firmwareeq-
siemens:scalance_w1788-1_firmwaresiemens scalance w1788-1 firmwareeq-
siemens:scalance_w1788-2_firmwaresiemens scalance w1788-2 firmwareeq-
siemens:scalance_w1788-2ia_firmwaresiemens scalance w1788-2ia firmwareeq-
siemens:scalance_w721-1_firmwaresiemens scalance w721-1 firmwareeq-
siemens:scalance_w722-1_firmwaresiemens scalance w722-1 firmwareeq-
siemens:scalance_w734-1_firmwaresiemens scalance w734-1 firmwareeq-
siemens:scalance_w738-1_firmwaresiemens scalance w738-1 firmwareeq-

CPE	Name	Operator	Version
alfa:awus036h_firmware	alfa awus036h firmware	eq	6.1316.1209
siemens:scalance_w1748-1_firmware	siemens scalance w1748-1 firmware	eq	-
siemens:scalance_w1750d_firmware	siemens scalance w1750d firmware	eq	-
siemens:scalance_w1788-1_firmware	siemens scalance w1788-1 firmware	eq	-
siemens:scalance_w1788-2_firmware	siemens scalance w1788-2 firmware	eq	-
siemens:scalance_w1788-2ia_firmware	siemens scalance w1788-2ia firmware	eq	-
siemens:scalance_w721-1_firmware	siemens scalance w721-1 firmware	eq	-
siemens:scalance_w722-1_firmware	siemens scalance w722-1 firmware	eq	-
siemens:scalance_w734-1_firmware	siemens scalance w734-1 firmware	eq	-
siemens:scalance_w738-1_firmware	siemens scalance w738-1 firmware	eq	-