Home

CVE-2020-26421

Description

Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.1

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2020-26419,CVE-2020-26420,CVE-2020-26421,CVE-2020-26418 are fixed in Wireshark (3.4.1)Windows
Vulnerabilities CVE-2020-26419,CVE-2020-26420,CVE-2020-26421,CVE-2020-26418 are fixed in Wireshark x64 3.4.1Windows
Vulnerabilities CVE-2020-26420,CVE-2020-26421,CVE-2020-26418 are fixed in Wireshark 3.2.9Windows
Vulnerabilities CVE-2020-26420,CVE-2020-26421,CVE-2020-26418 are fixed in Wireshark x64 3.2.9Windows
Vulnerabilities CVE-2020-26418,CVE-2020-26420,CVE-2020-26421 are affected in WireShark For Mac 3.2.8Mac
Multiple Vulnerabilities are affected in WireShark For Mac 3.4.0Mac
SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) libsbc1-1.3-3.2.1.x86_64.rpmLinux
SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) sbc-devel-1.3-3.2.1.x86_64.rpmLinux
SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) sbc-debuginfo-1.3-3.2.1.x86_64.rpmLinux
SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) sbc-debugsource-1.3-3.2.1.x86_64.rpmLinux
SUSE-SU-2021:2125-1(SUSE Linux Enterprise Module for Desktop Applications 15-SP3 ) libsbc1-debuginfo-1.3-3.2.1.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-317431Wireshark (3.4.1)
PATCH-322478Wireshark (3.4.10)
PATCH-338541Wireshark (3.6.24)
PATCH-338541Wireshark (3.6.24)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234