IM
IronMonkey Threat Research

CVE-2020-26145 MEDIUM

Published: 2021-05-11 | Last Modified: 2026-04-14 | Status: Modified

Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

Additional Descriptions (1)

Se detectó un problema en los dispositivos Samsung Galaxy S3 i9305 versión 4.4.4. Las implementaciones de WEP, WPA, WPA2 y WPA3 aceptan segundos fragmentos de transmisión (o posteriores) incluso cuando se envían en texto plano y los procesan como tramas completas no fragmentados. Un adversario puede abusar de esto para inyectar paquetes de red arbitrarios independientemente de la configuración de la red

CVSS Metrics

Base Score: 6.5 (MEDIUM)

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack VectorADJACENT_NETWORK
Attack ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactHIGH
Availability ImpactNONE

Source: [email protected]

Type: Primary

Exploitability Score: 2.8

Impact Score: 3.6

Base Score: 3.3 (LOW)

AV:A/AC:L/Au:N/C:N/I:P/A:N

Access VectorADJACENT_NETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactNONE
Integrity ImpactPARTIAL
Availability ImpactNONE

Source: [email protected]

Type: Primary

Exploitability Score: 6.5

Impact Score: 2.9

Weaknesses

Source Type Description
[email protected] Primary
en CWE-20

Affected Products

Vendor Product Version Update Type
samsung galaxy_i9305_firmware 4.4.4 <built-in method update of dict object at 0x72a9b0a6ca40> Operating System
siemens 6gk5763-1al00-7da0_firmware * <built-in method update of dict object at 0x72a961eca600> Operating System
siemens 6gk5766-1ge00-7da0_firmware * <built-in method update of dict object at 0x72a961ec8d00> Operating System
siemens 6gk5766-1ge00-7db0_firmware * <built-in method update of dict object at 0x72a963c69f80> Operating System
siemens 6gk5766-1je00-7da0_firmware * <built-in method update of dict object at 0x72a9b0a6c7c0> Operating System
siemens 6gk5766-1ge00-7ta0_firmware * <built-in method update of dict object at 0x72a9b0a6cbc0> Operating System
siemens 6gk5766-1ge00-7tb0_firmware * <built-in method update of dict object at 0x72a961ec8440> Operating System
siemens 6gk5766-1je00-7ta0_firmware * <built-in method update of dict object at 0x72a961ec9900> Operating System
siemens 6gk5763-1al00-3aa0_firmware * <built-in method update of dict object at 0x72a961ecb640> Operating System
siemens 6gk5763-1al00-3da0_firmware * <built-in method update of dict object at 0x72a9b0a6ccc0> Operating System
siemens 6gk5766-1ge00-3da0_firmware * <built-in method update of dict object at 0x72a961ec8400> Operating System
siemens 6gk5766-1ge00-3db0_firmware * <built-in method update of dict object at 0x72a961ecb2c0> Operating System
siemens 6gk5766-1je00-3da0_firmware * <built-in method update of dict object at 0x72a961ecb900> Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:samsung:galaxy_i9305:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5763-1al00-7da0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5763-1al00-7da0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1ge00-7da0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1ge00-7da0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1ge00-7db0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1ge00-7db0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1je00-7da0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1je00-7da0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1ge00-7ta0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1ge00-7ta0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1ge00-7tb0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1ge00-7tb0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1je00-7ta0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1je00-7ta0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5763-1al00-3aa0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5763-1al00-3aa0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5763-1al00-3da0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5763-1al00-3da0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1ge00-3da0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1ge00-3da0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1ge00-3db0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1ge00-3db0:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:6gk5766-1je00-3da0_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:6gk5766-1je00-3da0:-:*:*:*:*:*:*:*

References

Notification
Message here