csaf_cisa - icsa-22-102-04

icsa-22-102-04

Vulnerability from csaf_cisa

Published

2022-04-12 00:00

Modified

2022-05-12 00:00

Summary

Mitsubishi Electric GT25-WLAN

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

There are multiple vulnerabilities due to design flaws in the frame fragmentation functionality and the frame aggregation functionality in the Wireless Communication Standards IEEE 802.11. These vulnerabilities could allow an attacker to steal communication contents or inject unauthorized packets.

Critical infrastructure sectors

Critical Manufacturing

Countries/areas deployed

Worldwide

Company headquarters location

Japan

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Mitsubishi Electric",
        "summary": "reporting these vulnerabilities to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "There are multiple vulnerabilities due to design flaws in the frame fragmentation functionality and the frame aggregation functionality in the Wireless Communication Standards IEEE 802.11. These vulnerabilities could allow an attacker to steal communication contents or inject unauthorized packets.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Japan",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet; Locate control system networks and remote devices behind firewalls and isolate them from the business network; When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-102-04 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-102-04.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-102-04 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-102-04"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Mitsubishi Electric GT25-WLAN",
    "tracking": {
      "current_release_date": "2022-05-12T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-102-04",
      "initial_release_date": "2022-04-12T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-04-12T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-22-102-04 Mitsubishi Electric GT25-WLAN"
        },
        {
          "date": "2022-05-12T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-22-102-04 Mitsubishi Electric GT25-WLAN (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c= 01.39.000",
                "product": {
                  "name": "GT25-WLAN: Version 01.39.000 and earlier",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "GT25-WLAN"
          }
        ],
        "category": "vendor",
        "name": "Mitsubishi Electric"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-24586",
      "cwe": {
        "id": "CWE-212",
        "name": "Improper Removal of Sensitive Information Before Storage or Transfer"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable to a fragment cache attack as it does not clear fragments from memory when (re)connecting. This may allow an attacker to steal communication contents or inject unauthorized packets. CVE-2020-24586 has been assigned to this vulnerability. A CVSS v3 base score of 3.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24586"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For users who use the affected products and versions, please update to the fixed versions",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa"
        },
        {
          "category": "mitigation",
          "details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/support/index.html"
        },
        {
          "category": "mitigation",
          "details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the following when using a computer or tablet, etc., on the same network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Update Antivirus software to the latest version.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not open or access suspicious attachment file or linked URL.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-24587",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable to a mixed key attack as it reassembles fragments encrypted under different keys. This may allow an attacker to steal communication contents. CVE-2020-24587 has been assigned to this vulnerability. A CVSS v3 base score of 2.6 has been assigned; the CVSS vector string is (AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24587"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For users who use the affected products and versions, please update to the fixed versions",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa"
        },
        {
          "category": "mitigation",
          "details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/support/index.html"
        },
        {
          "category": "mitigation",
          "details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the following when using a computer or tablet, etc., on the same network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Update Antivirus software to the latest version.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not open or access suspicious attachment file or linked URL.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-24588",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable to an aggregation attack as it accepts non-SPP A-MSDU frames. This may allow an attacker to inject unauthorized packets. CVE-2020-24588 has been assigned to this vulnerability. A CVSS v3 base score of 3.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24588"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For users who use the affected products and versions, please update to the fixed versions",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa"
        },
        {
          "category": "mitigation",
          "details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/support/index.html"
        },
        {
          "category": "mitigation",
          "details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the following when using a computer or tablet, etc., on the same network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Update Antivirus software to the latest version.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not open or access suspicious attachment file or linked URL.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-26140",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product can accept plaintext data frames in a protected network. This may allow an attacker to inject unauthorized packets. CVE-2020-26140 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26140"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For users who use the affected products and versions, please update to the fixed versions",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa"
        },
        {
          "category": "mitigation",
          "details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/support/index.html"
        },
        {
          "category": "mitigation",
          "details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the following when using a computer or tablet, etc., on the same network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Update Antivirus software to the latest version.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not open or access suspicious attachment file or linked URL.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-26143",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product is vulnerable to accepting fragmented plaintext data frames in a protected network. This may allow an attacker to inject unauthorized packets. CVE-2020-26143 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26143"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For users who use the affected products and versions, please update to the fixed versions",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa"
        },
        {
          "category": "mitigation",
          "details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/support/index.html"
        },
        {
          "category": "mitigation",
          "details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the following when using a computer or tablet, etc., on the same network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Update Antivirus software to the latest version.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not open or access suspicious attachment file or linked URL.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-26144",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product can accept plaintext A-MSDU frames that start with an RFC1042 header with EtherType EAPOL in an encrypted network. This may allow an attacker to inject unauthorized packets. CVE-2020-26144 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26144"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For users who use the affected products and versions, please update to the fixed versions",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa"
        },
        {
          "category": "mitigation",
          "details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/support/index.html"
        },
        {
          "category": "mitigation",
          "details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the following when using a computer or tablet, etc., on the same network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Update Antivirus software to the latest version.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not open or access suspicious attachment file or linked URL.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2020-26146",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product can reassemble encrypted fragments with non-consecutive packet numbers. This may allow an attacker to steal communication contents. CVE-2020-26146 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26146"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "For users who use the affected products and versions, please update to the fixed versions",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the versions in use by referencing GOT2000 Series User\u0027s Manual (Utility) (SH-081195ENG), 6.9 Package Data Management - \u201cProperty operation.\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "The latest version of the manual is available from Mitsubishi Electric FA Global Website.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa"
        },
        {
          "category": "mitigation",
          "details": "Install system applications (extended function) \u201cWireless LAN\u201d v01.45.000 or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Fixed system applications (extended function) \u201cWireless LAN\u201d is included in GT Designer3 Version 1 (GOT2000) v1.275M or later.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "This does not include countermeasures for CVE-2020-26146",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26146"
        },
        {
          "category": "mitigation",
          "details": "Download and install the fixed version of MELSOFT GT Designer3 (GOT2000). Please contact a Mitsubishi Electric representative about MELSOFT GT Designer3 (GOT2000).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/support/index.html"
        },
        {
          "category": "mitigation",
          "details": "Start the MELSOFT GT Designer3 (GOT2000) and open the project data used in affected products.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Select [Write to GOT] from [Communication] menu to write the required package data to the GOT. Please refer to \u201c4. COMMUNICATING WITH GOT\u201d in the GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG).",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "After writing the required package data to the GOT, refer to the \u201cHow to check the versions in use\u201d and check the fixed versions.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as an access point, check if the wireless LAN communication unit settings are as follows.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Use the IP filter function*1 to restrict the accessible IP addresses. *1- Refer to GT Designer3 (GOT2000) Screen Design Manual (SH-081220ENG) \u201c5.4.3 Setting the IP filter\u201d",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html"
        },
        {
          "category": "mitigation",
          "details": "When using the wireless LAN communication unit as a station, check if the router settings are as follows: For the passphrase used for wireless LAN, avoid settings that can be guessed from the consecutive numbers and MAC address, and set an unpredictable passphrase combining letters and numbers. Use WPA or WPA2 as the security authentication method for wireless LAN.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "If you change the router settings, hide its presence on the Internet to make it difficult for unauthorized access. (e.g., set to not respond to PING requests).",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Set password for the router\u0027s Management portal, which is difficult to be identified.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Check the following when using a computer or tablet, etc., on the same network.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Update Antivirus software to the latest version.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not open or access suspicious attachment file or linked URL.",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ]
    }
  ]
}

cve-2020-24587

Vulnerability from cvelistv5

Published

2021-05-11 00:00

Modified

2024-08-04 15:19

Severity ?

Summary

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.

References

▼	URL	Tags
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu	vendor-advisory
	https://www.fragattacks.com
	https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
	http://www.openwall.com/lists/oss-security/2021/05/11/12	mailing-list
	https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html	mailing-list
	https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html	mailing-list
	https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63
	https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html	mailing-list

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:19:08.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
          },
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
          },
          {
            "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          },
          {
            "name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-01T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
        },
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "url": "https://www.fragattacks.com"
        },
        {
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
        },
        {
          "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
        },
        {
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        },
        {
          "name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-24587",
    "datePublished": "2021-05-11T00:00:00",
    "dateReserved": "2020-08-21T00:00:00",
    "dateUpdated": "2024-08-04T15:19:08.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-26143

Vulnerability from cvelistv5

Published

2021-05-11 19:36

Modified

2024-08-04 15:49

Severity ?

Summary

An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu	vendor-advisory, x_refsource_CISCO
	https://www.fragattacks.com	x_refsource_MISC
	https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2021/05/11/12	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63	x_refsource_MISC

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:49:07.234Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-28T14:23:57",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.fragattacks.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-26143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
            },
            {
              "name": "https://www.fragattacks.com",
              "refsource": "MISC",
              "url": "https://www.fragattacks.com"
            },
            {
              "name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
              "refsource": "MISC",
              "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
            },
            {
              "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-26143",
    "datePublished": "2021-05-11T19:36:38",
    "dateReserved": "2020-09-29T00:00:00",
    "dateUpdated": "2024-08-04T15:49:07.234Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-26146

Vulnerability from cvelistv5

Published

2021-05-11 19:39

Modified

2024-08-04 15:49

Severity ?

Summary

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu	vendor-advisory, x_refsource_CISCO
	https://www.fragattacks.com	x_refsource_MISC
	https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2021/05/11/12	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63	x_refsource_MISC

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:49:07.202Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-28T14:28:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.fragattacks.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-26146",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
            },
            {
              "name": "https://www.fragattacks.com",
              "refsource": "MISC",
              "url": "https://www.fragattacks.com"
            },
            {
              "name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
              "refsource": "MISC",
              "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
            },
            {
              "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-26146",
    "datePublished": "2021-05-11T19:39:07",
    "dateReserved": "2020-09-29T00:00:00",
    "dateUpdated": "2024-08-04T15:49:07.202Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-24588

Vulnerability from cvelistv5

Published

2021-05-11 00:00

Modified

2024-08-04 15:19

Severity ?

Summary

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

References

▼	URL	Tags
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu	vendor-advisory
	https://www.fragattacks.com
	https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
	http://www.openwall.com/lists/oss-security/2021/05/11/12	mailing-list
	https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html	mailing-list
	https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html	mailing-list
	https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf
	https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63
	https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html	mailing-list

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:19:08.467Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
          },
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
          },
          {
            "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          },
          {
            "name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-01T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
        },
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "url": "https://www.fragattacks.com"
        },
        {
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
        },
        {
          "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
        },
        {
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        },
        {
          "name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-24588",
    "datePublished": "2021-05-11T00:00:00",
    "dateReserved": "2020-08-21T00:00:00",
    "dateUpdated": "2024-08-04T15:19:08.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-26144

Vulnerability from cvelistv5

Published

2021-05-11 19:33

Modified

2024-08-04 15:49

Severity ?

Summary

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu	vendor-advisory, x_refsource_CISCO
	https://www.fragattacks.com	x_refsource_MISC
	https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2021/05/11/12	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63	x_refsource_MISC

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:49:07.203Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-28T14:25:11",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.fragattacks.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-26144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
            },
            {
              "name": "https://www.fragattacks.com",
              "refsource": "MISC",
              "url": "https://www.fragattacks.com"
            },
            {
              "name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
              "refsource": "MISC",
              "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
            },
            {
              "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-26144",
    "datePublished": "2021-05-11T19:33:04",
    "dateReserved": "2020-09-29T00:00:00",
    "dateUpdated": "2024-08-04T15:49:07.203Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-26140

Vulnerability from cvelistv5

Published

2021-05-11 19:34

Modified

2024-08-04 15:49

Severity ?

Summary

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu	vendor-advisory, x_refsource_CISCO
	https://www.fragattacks.com	x_refsource_MISC
	https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2021/05/11/12	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63	x_refsource_MISC

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:49:07.137Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-28T14:11:58",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.fragattacks.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-26140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
            },
            {
              "name": "https://www.fragattacks.com",
              "refsource": "MISC",
              "url": "https://www.fragattacks.com"
            },
            {
              "name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
              "refsource": "MISC",
              "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
            },
            {
              "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-26140",
    "datePublished": "2021-05-11T19:34:42",
    "dateReserved": "2020-09-29T00:00:00",
    "dateUpdated": "2024-08-04T15:49:07.137Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-24586

Vulnerability from cvelistv5

Published

2021-05-11 00:00

Modified

2024-08-04 15:19

Severity ?

Summary

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.

References

▼	URL	Tags
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu	vendor-advisory
	https://www.fragattacks.com
	https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
	http://www.openwall.com/lists/oss-security/2021/05/11/12	mailing-list
	https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html	mailing-list
	https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html	mailing-list
	https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63
	https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html	mailing-list

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:19:08.804Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
          },
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
          },
          {
            "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          },
          {
            "name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-01T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
        },
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "url": "https://www.fragattacks.com"
        },
        {
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
        },
        {
          "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
        },
        {
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        },
        {
          "name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-24586",
    "datePublished": "2021-05-11T00:00:00",
    "dateReserved": "2020-08-21T00:00:00",
    "dateUpdated": "2024-08-04T15:19:08.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_cisa

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature