{"id": "CVE-2020-26145", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2021-05-11T20:15:08.873", "references": [{"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.fragattacks.com", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration."}, {"lang": "es", "value": "Se detect\u00f3 un problema en los dispositivos Samsung Galaxy S3 i9305 versi\u00f3n 4.4.4. Las implementaciones de WEP, WPA, WPA2 y WPA3 aceptan segundos fragmentos de transmisi\u00f3n (o posteriores) incluso cuando se env\u00edan en texto plano y los procesan como tramas completas no fragmentados. Un adversario puede abusar de esto para inyectar paquetes de red arbitrarios independientemente de la configuraci\u00f3n de la red"}], "lastModified": "2022-05-13T20:53:57.840", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5CFC281-DDBA-4511-A271-FCFFA337E2B9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:samsung:galaxy_i9305:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "79194A52-BFFC-448B-9032-F29D2A5971BE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5763-1al00-7da0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C148549-31FC-48E5-860B-56364F15A9A4", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5763-1al00-7da0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72E99748-08CA-4515-B64B-A7696E7C9824"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-7da0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6E3450B-8B5F-4510-8D07-1D5A1BA214E1", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-7da0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A9A76803-CFF6-4A82-A5EC-10A3946A91D3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-7db0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A9D34A4-CBF4-4B78-A20D-33DB7DD3609E", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-7db0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9AAE92C7-5197-48AA-9334-62D3E313F8AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1je00-7da0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74D91A1E-53EE-482B-A3D1-53E955DCDE2E", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1je00-7da0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6D4F2AD0-57B4-4947-8887-9F26C47909CB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-7ta0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBD0BD5B-54E2-4A29-8AFE-D4796B65FA2B", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-7ta0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4450B377-C7C1-4225-9304-C4AC79AB7E71"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-7tb0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8852F24-7613-43AA-A91C-4665721C75DA", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-7tb0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "802CE18D-AF89-46F3-82EF-83F9590A49DA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1je00-7ta0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8040707-3EE4-48CD-BEB0-B11136EC1841", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1je00-7ta0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BFC81171-3522-4982-BFA8-940E161AF217"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5763-1al00-3aa0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "749D2AF5-A5A4-4CBF-98C9-A3AC9C55494E", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5763-1al00-3aa0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E50D46EE-B0D0-4385-BF21-804CB1B9556C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5763-1al00-3da0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05C27085-76D9-4185-A578-82B71A360731", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5763-1al00-3da0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "781FDDBB-8DCA-4B65-8906-E78FBE3CFDA1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-3da0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A705BE0-37DB-4D49-AD50-B68CFE273C0D", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-3da0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2C591807-63DE-40DC-8E0A-083080FDC6FC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1ge00-3db0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D66877F3-BA23-4FAE-8FFD-7E81332F58B6", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1ge00-3db0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "142E900D-63F3-4CC7-9E27-026B4C38A803"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:6gk5766-1je00-3da0_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "800E0542-02E5-4390-9AF0-82F3DD0B2523", "versionEndExcluding": "1.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:6gk5766-1je00-3da0:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "420D0BD5-A206-4A3F-8978-6D0959CE4F14"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}
