cve/CVE-2020-26146.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

POC

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu

Github

https://github.com/kali973/fragAttacks
https://github.com/vanhoefm/fragattacks

1.1 KiB Raw Blame History

CVE-2020-26146

Description

POC

Reference

Github

1.1 KiB

Raw Blame History