{ "id": "CVE-2020-26145", "sourceIdentifier": "cve@mitre.org", "published": "2021-05-11T20:15:08.873", "lastModified": "2022-05-13T20:53:57.840", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration." }, { "lang": "es", "value": "Se detect\u00f3 un problema en los dispositivos Samsung Galaxy S3 i9305 versi\u00f3n 4.4.4. Las implementaciones de WEP, WPA, WPA2 y WPA3 aceptan segundos fragmentos de transmisi\u00f3n (o posteriores) incluso cuando se env\u00edan en texto plano y los procesan como tramas completas no fragmentados. Un adversario puede abusar de esto para inyectar paquetes de red arbitrarios independientemente de la configuraci\u00f3n de la red" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "accessVector": "ADJACENT_NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 3.3 }, "baseSeverity": "LOW", "exploitabilityScore": 6.5, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-20" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "B5CFC281-DDBA-4511-A271-FCFFA337E2B9" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:samsung:galaxy_i9305:-:*:*:*:*:*:*:*", "matchCriteriaId": "79194A52-BFFC-448B-9032-F29D2A5971BE" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5763-1al00-7da0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "9C148549-31FC-48E5-860B-56364F15A9A4" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5763-1al00-7da0:-:*:*:*:*:*:*:*", "matchCriteriaId": "72E99748-08CA-4515-B64B-A7696E7C9824" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-7da0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "B6E3450B-8B5F-4510-8D07-1D5A1BA214E1" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-7da0:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9A76803-CFF6-4A82-A5EC-10A3946A91D3" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-7db0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "7A9D34A4-CBF4-4B78-A20D-33DB7DD3609E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-7db0:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AAE92C7-5197-48AA-9334-62D3E313F8AE" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1je00-7da0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "74D91A1E-53EE-482B-A3D1-53E955DCDE2E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1je00-7da0:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D4F2AD0-57B4-4947-8887-9F26C47909CB" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-7ta0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "DBD0BD5B-54E2-4A29-8AFE-D4796B65FA2B" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-7ta0:-:*:*:*:*:*:*:*", "matchCriteriaId": "4450B377-C7C1-4225-9304-C4AC79AB7E71" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-7tb0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "C8852F24-7613-43AA-A91C-4665721C75DA" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-7tb0:-:*:*:*:*:*:*:*", "matchCriteriaId": "802CE18D-AF89-46F3-82EF-83F9590A49DA" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1je00-7ta0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "B8040707-3EE4-48CD-BEB0-B11136EC1841" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1je00-7ta0:-:*:*:*:*:*:*:*", "matchCriteriaId": "BFC81171-3522-4982-BFA8-940E161AF217" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5763-1al00-3aa0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "749D2AF5-A5A4-4CBF-98C9-A3AC9C55494E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5763-1al00-3aa0:-:*:*:*:*:*:*:*", "matchCriteriaId": "E50D46EE-B0D0-4385-BF21-804CB1B9556C" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5763-1al00-3da0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "05C27085-76D9-4185-A578-82B71A360731" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5763-1al00-3da0:-:*:*:*:*:*:*:*", "matchCriteriaId": "781FDDBB-8DCA-4B65-8906-E78FBE3CFDA1" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-3da0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "7A705BE0-37DB-4D49-AD50-B68CFE273C0D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-3da0:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C591807-63DE-40DC-8E0A-083080FDC6FC" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-3db0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "D66877F3-BA23-4FAE-8FFD-7E81332F58B6" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-3db0:-:*:*:*:*:*:*:*", "matchCriteriaId": "142E900D-63F3-4CC7-9E27-026B4C38A803" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:siemens:6gk5766-1je00-3da0_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.2", "matchCriteriaId": "800E0542-02E5-4390-9AF0-82F3DD0B2523" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:siemens:6gk5766-1je00-3da0:-:*:*:*:*:*:*:*", "matchCriteriaId": "420D0BD5-A206-4A3F-8978-6D0959CE4F14" } ] } ] } ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12", "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ] }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf", "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ] }, { "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md", "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ] }, { "url": "https://www.fragattacks.com", "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ] } ] }