CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
61.2%
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
Vendor | Product | Version | CPE |
---|---|---|---|
alfa | awus036h_firmware | 1030.36.604 | cpe:2.3:o:alfa:awus036h_firmware:1030.36.604:*:*:*:*:windows_10:*:* |
alfa | awus036h | - | cpe:2.3:h:alfa:awus036h:-:*:*:*:*:*:*:* |
arista | c-75_firmware | - | cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:* |
arista | c-75 | - | cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:* |
arista | o-90_firmware | - | cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:* |
arista | o-90 | - | cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:* |
arista | c-65_firmware | - | cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:* |
arista | c-65 | - | cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:* |
arista | w-68_firmware | - | cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:* |
arista | w-68 | - | cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:* |
www.openwall.com/lists/oss-security/2021/05/11/12
cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf
github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu
www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63
www.fragattacks.com
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
61.2%