CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-26142

An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 81.0%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 2.6

References

http://www.openwall.com/lists/oss-security/2021/05/11/12
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu
https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63
https://www.fragattacks.com
http://www.openwall.com/lists/oss-security/2021/05/11/12
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu
https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63
https://www.fragattacks.com

Products affected by CVE-2020-26142

Openbsd » Openbsd » Version: 6.6

cpe:2.3:o:openbsd:openbsd:6.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-26142

Products

Pricing

Contact Us