vulnerability
Microsoft Windows: CVE-2020-26144: Windows Wireless Networking Spoofing Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:A/AC:L/Au:N/C:N/I:P/A:N) | May 11, 2021 | May 11, 2021 | Sep 6, 2024 |
Severity
3
CVSS
(AV:A/AC:L/Au:N/C:N/I:P/A:N)
Published
May 11, 2021
Added
May 11, 2021
Modified
Sep 6, 2024
Description
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
Solution(s)
microsoft-windows-windows_10-1507-kb5003172microsoft-windows-windows_10-1607-kb5003197microsoft-windows-windows_10-1803-kb5003174microsoft-windows-windows_10-1809-kb5003171microsoft-windows-windows_10-1909-kb5003169microsoft-windows-windows_10-2004-kb5003173microsoft-windows-windows_10-20h2-kb5003173microsoft-windows-windows_server_2012-kb5003203microsoft-windows-windows_server_2012_r2-kb5003220microsoft-windows-windows_server_2016-1607-kb5003197microsoft-windows-windows_server_2019-1809-kb5003171msft-kb5003169-100e483c-fdd0-4798-98ff-749598eb44dcmsft-kb5003173-526cbcf1-1a27-4425-b1c8-4ad4ba713cf9msft-kb5003173-d9fd3f4a-b6b8-4bb8-a5f5-55bc477b259dmsft-kb5003203-ba33654a-837a-41e0-8b4c-9c1398022c83msft-kb5003203-f1497061-bea0-404b-a57f-28dfd236a7a3msft-kb5003220-26cfa708-2eb5-47f1-803c-714473752c73msft-kb5003220-edc429de-b659-4d5c-bdc1-e3fb97f108edmsft-kb5003225-c5277086-5370-4d3a-b1fd-0277247188fcmsft-kb5003225-f358a4b0-5a53-485c-aca6-2376e56ddb01msft-kb5003228-438020ac-acaa-488f-93e5-4138ad00658cmsft-kb5003228-78019214-1216-4370-a913-0f45e37e1bd4msft-kb5003228-7ff144a6-5518-4338-9169-6853cdc808aemsft-kb5003228-f5bfe18f-6fcf-41d1-b502-c14f0dfee1f0msft-kb5003228-f7af9fde-a532-4630-b14d-b6dff7efce2a
References
- CVE-2020-26144
- https://attackerkb.com/topics/CVE-2020-26144
- URL-https://support.microsoft.com/help/5003169
- URL-https://support.microsoft.com/help/5003171
- URL-https://support.microsoft.com/help/5003172
- URL-https://support.microsoft.com/help/5003173
- URL-https://support.microsoft.com/help/5003174
- URL-https://support.microsoft.com/help/5003197
- URL-https://support.microsoft.com/help/5003203
- URL-https://support.microsoft.com/help/5003209
- URL-https://support.microsoft.com/help/5003220
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.