Home

CVE-2020-26140

Description

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.177

Associated Vulnerability

VulnerabilityOS Platform
Kernel-uek update (ELSA-2021-9459) kernel-uek-4.1.12-124.54.6.1.el7uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2021-9459) kernel-uek-debug-4.1.12-124.54.6.1.el7uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2021-9459) kernel-uek-debug-devel-4.1.12-124.54.6.1.el7uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2021-9459) kernel-uek-devel-4.1.12-124.54.6.1.el7uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2021-9459) kernel-uek-doc-4.1.12-124.54.6.1.el7uek.noarch.rpmLinux
Kernel-uek-firmware update (ELSA-2021-9459) kernel-uek-firmware-4.1.12-124.54.6.1.el7uek.noarch.rpmLinux
Kernel-uek update (ELSA-2021-9473) kernel-uek-4.1.12-124.56.1.el7uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2021-9473) kernel-uek-debug-4.1.12-124.56.1.el7uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2021-9473) kernel-uek-debug-devel-4.1.12-124.56.1.el7uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2021-9473) kernel-uek-devel-4.1.12-124.56.1.el7uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2021-9473) kernel-uek-doc-4.1.12-124.56.1.el7uek.noarch.rpmLinux
Kernel-uek-firmware update (ELSA-2021-9473) kernel-uek-firmware-4.1.12-124.56.1.el7uek.noarch.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update bpftool-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-abi-stablelists-4.18.0-348.el8.noarch.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-core-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-cross-headers-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-core-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-devel-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-modules-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-devel-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-doc-4.18.0-348.el8.noarch.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-headers-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-modules-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-modules-extra-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-tools-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-tools-libs-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update perf-4.18.0-348.el8.x86_64.rpmLinux
(RHSA-2021:4356) kernel security, bug fix, and enhancement update python3-perf-4.18.0-348.el8.x86_64.rpmLinux
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1850 Series Access PointsNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco IP Phone 8800 SeriesNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco IP Phone 8800 Series with Multiplatform FirmwareNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Telepresence Integrator C SeriesNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco SIP IP Phone SoftwareNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1550 SeriesNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 3600 SeriesNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1600 SeriesNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1530 SeriesNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 700 Series Access PointsNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 3700 Series Access PointsNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 700W Series Access PointsNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1570 SeriesNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1700 Series Access PointsNCM
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Industrial Wireless 3700 SeriesNCM
Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2020-26140)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1705928Security Update for Cisco Aironet 1850 Series Access Points 8.3(15.136)
PATCH-1705974Security Update for Cisco IP Phone 8800 Series 11.7(1)SC2
PATCH-1705298Security Update for Cisco IP Phone 8800 Series with Multiplatform Firmware 11.3(3)MPP1.377
PATCH-1706043Security Update for Cisco Telepresence Integrator C Series 9.1.1
PATCH-1705918Security Update for Cisco SIP IP Phone Software 11.7(1)MN19
PATCH-1705319Security Update for Cisco Aironet 1550 Series ap-17.7.0.47
PATCH-1705320Security Update for Cisco Aironet 3600 Series ap-17.7.0.47
PATCH-1705321Security Update for Cisco Aironet 1600 Series ap-17.7.0.47
PATCH-1705322Security Update for Cisco Aironet 1530 Series ap-17.7.0.47
PATCH-1705323Security Update for Cisco Aironet 700 Series Access Points ap-17.7.0.47
PATCH-1705527Security Update for Cisco Aironet 3700 Series Access Points 7.5(102.0)
PATCH-1705325Security Update for Cisco Aironet 700W Series Access Points ap-17.7.0.47
PATCH-1705326Security Update for Cisco Aironet 1570 Series ap-17.7.0.47
PATCH-1705327Security Update for Cisco Aironet 1700 Series Access Points ap-17.7.0.47
PATCH-1705328Security Update for Cisco Industrial Wireless 3700 Series ap-17.7.0.47

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234