CVE-2020-26144
Description
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
Risk Information
Base Score
6.4
MODERATE
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
1.015
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1909 for x64-based Systems (KB5003169) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server, version 1909 for x64-based Systems (KB5003169) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1909 for x86-based Systems (KB5003169) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB5003171) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2019 for x64-based Systems (KB5003171) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB5003171) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB5003172) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1507 for x86-based Systems (KB5003172) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server, version 2004 for x64-based Systems (KB5003173) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 2004 for x64-based Systems (KB5003173) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 2004 for x86-based Systems (KB5003173) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 20H2 for x64-based Systems (KB5003173) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 20H2 for x86-based Systems (KB5003173) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB5003174) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1803 for x86-based Systems (KB5003174) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2016 for x64-based Systems (KB5003197) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB5003197) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB5003197) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2012 for x64-based Systems (KB5003203) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2012 for x64-based Systems (KB5003208) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB5003209) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 8.1 for x64-based Systems (KB5003209) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 8.1 for x86-based Systems (KB5003209) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2008 for x64-based Systems (KB5003210) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2008 for x86-based Systems (KB5003210) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB5003220) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 8.1 for x64-based Systems (KB5003220) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 8.1 for x86-based Systems (KB5003220) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2008 for x64-based Systems (KB5003225) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2008 for x86-based Systems (KB5003225) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB5003228) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 7 for x64-based Systems (KB5003228) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 7 for x86-based Systems (KB5003228) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB5003233) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 7 for x64-based Systems (KB5003233) (ESU) | Windows |
| Windows Wireless Networking Information Disclosure Vulnerability for Windows 7 for x86-based Systems (KB5003233) (ESU) | Windows |
| Kernel-uek update (ELSA-2021-9459) kernel-uek-4.1.12-124.54.6.1.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2021-9459) kernel-uek-debug-4.1.12-124.54.6.1.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2021-9459) kernel-uek-debug-devel-4.1.12-124.54.6.1.el7uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2021-9459) kernel-uek-devel-4.1.12-124.54.6.1.el7uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2021-9459) kernel-uek-doc-4.1.12-124.54.6.1.el7uek.noarch.rpm | Linux |
| Kernel-uek-firmware update (ELSA-2021-9459) kernel-uek-firmware-4.1.12-124.54.6.1.el7uek.noarch.rpm | Linux |
| Kernel-uek update (ELSA-2021-9473) kernel-uek-4.1.12-124.56.1.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2021-9473) kernel-uek-debug-4.1.12-124.56.1.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2021-9473) kernel-uek-debug-devel-4.1.12-124.56.1.el7uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2021-9473) kernel-uek-devel-4.1.12-124.56.1.el7uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2021-9473) kernel-uek-doc-4.1.12-124.56.1.el7uek.noarch.rpm | Linux |
| Kernel-uek-firmware update (ELSA-2021-9473) kernel-uek-firmware-4.1.12-124.56.1.el7uek.noarch.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update bpftool-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-abi-stablelists-4.18.0-348.el8.noarch.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-core-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-cross-headers-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-core-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-devel-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-modules-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-devel-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-doc-4.18.0-348.el8.noarch.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-headers-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-modules-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-modules-extra-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-tools-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-tools-libs-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update perf-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update python3-perf-4.18.0-348.el8.x86_64.rpm | Linux |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1850 Series Access Points | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco IP Phone 8800 Series | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco IP Phone 8800 Series with Multiplatform Firmware | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Telepresence Integrator C Series | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco SIP IP Phone Software | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1550 Series | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 3600 Series | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1600 Series | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1530 Series | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 700 Series Access Points | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 3700 Series Access Points | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 700W Series Access Points | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1570 Series | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Aironet 1700 Series Access Points | NCM |
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 For Cisco Industrial Wireless 3700 Series | NCM |
| Improper Input Validation Vulnerability (CVE-2020-26144) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-31376 | 2021-05 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5003169) |
| PATCH-31377 | 2021-05 Cumulative Update for Windows Server, version 1909 for x64-based Systems (KB5003169) |
| PATCH-31378 | 2021-05 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB5003169) |
| PATCH-31381 | 2021-05 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5003171) |
| PATCH-31382 | 2021-05 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5003171) |
| PATCH-31405 | 2021-05 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5003171) |
| PATCH-31374 | 2021-05 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5003172) |
| PATCH-31375 | 2021-05 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5003172) |
| PATCH-31335 | 2021-05 Cumulative Update for Windows Server, version 2004 for x64-based Systems (KB5003173) |
| PATCH-31336 | 2021-05 Cumulative Update for Windows 10 Version 2004 for x64-based Systems (KB5003173) |
| PATCH-31337 | 2021-05 Cumulative Update for Windows 10 Version 2004 for x86-based Systems (KB5003173) |
| PATCH-31338 | 2021-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5003173) |
| PATCH-31339 | 2021-05 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5003173) |
| PATCH-31406 | 2021-05 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB5003174) |
| PATCH-31407 | 2021-05 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB5003174) |
| PATCH-31344 | 2021-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5003197) |
| PATCH-31345 | 2021-05 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5003197) |
| PATCH-31355 | 2021-05 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5003197) |
| PATCH-31330 | 2021-05 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5003203) |
| PATCH-31334 | 2021-05 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5003208) |
| PATCH-31331 | 2021-05 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5003209) |
| PATCH-31332 | 2021-05 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5003209) |
| PATCH-31333 | 2021-05 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB5003209) |
| PATCH-31359 | 2021-05 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5003210) (ESU) |
| PATCH-31360 | 2021-05 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB5003210) (ESU) |
| PATCH-31327 | 2021-05 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5003220) |
| PATCH-31328 | 2021-05 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB5003220) |
| PATCH-31329 | 2021-05 Security Only Quality Update for Windows 8.1 for x86-based Systems (KB5003220) |
| PATCH-31364 | 2021-05 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5003225) (ESU) |
| PATCH-31365 | 2021-05 Security Only Quality Update for Windows Server 2008 for x86-based Systems (KB5003225) (ESU) |
| PATCH-31361 | 2021-05 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5003228) (ESU) |
| PATCH-31362 | 2021-05 Security Only Quality Update for Windows 7 for x64-based Systems (KB5003228) (ESU) |
| PATCH-31363 | 2021-05 Security Only Quality Update for Windows 7 for x86-based Systems (KB5003228) (ESU) |
| PATCH-31356 | 2021-05 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5003233) (ESU) |
| PATCH-31357 | 2021-05 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB5003233) (ESU) |
| PATCH-31358 | 2021-05 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB5003233) (ESU) |
| PATCH-1705928 | Security Update for Cisco Aironet 1850 Series Access Points 8.3(15.136) |
| PATCH-1705974 | Security Update for Cisco IP Phone 8800 Series 11.7(1)SC2 |
| PATCH-1705298 | Security Update for Cisco IP Phone 8800 Series with Multiplatform Firmware 11.3(3)MPP1.377 |
| PATCH-1706043 | Security Update for Cisco Telepresence Integrator C Series 9.1.1 |
| PATCH-1705918 | Security Update for Cisco SIP IP Phone Software 11.7(1)MN19 |
| PATCH-1705319 | Security Update for Cisco Aironet 1550 Series ap-17.7.0.47 |
| PATCH-1705320 | Security Update for Cisco Aironet 3600 Series ap-17.7.0.47 |
| PATCH-1705321 | Security Update for Cisco Aironet 1600 Series ap-17.7.0.47 |
| PATCH-1705322 | Security Update for Cisco Aironet 1530 Series ap-17.7.0.47 |
| PATCH-1705323 | Security Update for Cisco Aironet 700 Series Access Points ap-17.7.0.47 |
| PATCH-1705527 | Security Update for Cisco Aironet 3700 Series Access Points 7.5(102.0) |
| PATCH-1705325 | Security Update for Cisco Aironet 700W Series Access Points ap-17.7.0.47 |
| PATCH-1705326 | Security Update for Cisco Aironet 1570 Series ap-17.7.0.47 |
| PATCH-1705327 | Security Update for Cisco Aironet 1700 Series Access Points ap-17.7.0.47 |
| PATCH-1705328 | Security Update for Cisco Industrial Wireless 3700 Series ap-17.7.0.47 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234