CVE-2020-26139

MEDIUM EPSS 92.9%
Published May 11, 20215y ago · Modified Jun 17, 20262w ago
5.3 CVSS 3.1
Medium
Find Similar
Published May 11, 2021 5y ago
Last Modified Jun 17, 2026 2w ago

Description

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.

CVSS Details

Base Score
5.3
Exploitability
1.6
Impact
3.6
Vector string
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Adjacent
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
92.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-287 Improper Authentication Authentication

Affected Products 330

VendorProductVersionRange
netbsdnetbsd7.1any
debiandebian_linux9.0any
aristac-100_firmware*any
aristac-100*any
aristac-110_firmware*any
aristac-110*any
aristac-120_firmware*any
aristac-120*any
aristac-130_firmware*any
aristac-130*any
aristac-200_firmware*any
aristac-200*any
aristac-230_firmware*any
aristac-230*any
aristac-235_firmware*any
aristac-235*any
aristac-250_firmware*any
aristac-250*any
aristac-260_firmware*any
aristac-260*any
aristac-65_firmware*any
aristac-65*any
aristac-75_firmware*any
aristac-75*any
aristao-105_firmware*any
aristao-105*any
aristao-90_firmware*any
aristao-90*any
aristaw-118_firmware*any
aristaw-118*any
aristaw-68_firmware*any
aristaw-68*any
cisco1100_firmware*any
cisco1100*any
cisco1100-4p_firmware*any
cisco1100-4p*any
cisco1100-8p_firmware*any
cisco1100-8p*any
cisco1101-4p_firmware*any
cisco1101-4p*any
cisco1109-2p_firmware*any
cisco1109-2p*any
cisco1109-4p_firmware*any
cisco1109-4p*any
ciscoaironet_1532_firmware*any
ciscoaironet_1532*any
ciscoaironet_1542d_firmware*any
ciscoaironet_1542d*any
ciscoaironet_1542i_firmware*any
ciscoaironet_1542i*any
ciscoaironet_1552_firmware*any
ciscoaironet_1552*any
ciscoaironet_1552h_firmware*any
ciscoaironet_1552h*any
ciscoaironet_1572_firmware*any
ciscoaironet_1572*any
ciscoaironet_1702_firmware*any
ciscoaironet_1702*any
ciscoaironet_1800_firmware*any
ciscoaironet_1800*any
ciscoaironet_1800i_firmware*any
ciscoaironet_1800i*any
ciscoaironet_1810_firmware*any
ciscoaironet_1810*any
ciscoaironet_1810w_firmware*any
ciscoaironet_1810w*any
ciscoaironet_1815_firmware*any
ciscoaironet_1815*any
ciscoaironet_1815i_firmware*any
ciscoaironet_1815i*any
ciscoaironet_1832_firmware*any
ciscoaironet_1832*any
ciscoaironet_1842_firmware*any
ciscoaironet_1842*any
ciscoaironet_1852_firmware*any
ciscoaironet_1852*any
ciscoaironet_2702_firmware*any
ciscoaironet_2702*any
ciscoaironet_2800_firmware*any
ciscoaironet_2800*any
ciscoaironet_2800e_firmware*any
ciscoaironet_2800e*any
ciscoaironet_2800i_firmware*any
ciscoaironet_2800i*any
ciscoaironet_3702_firmware*any
ciscoaironet_3702*any
ciscoaironet_3800_firmware*any
ciscoaironet_3800*any
ciscoaironet_3800e_firmware*any
ciscoaironet_3800e*any
ciscoaironet_3800i_firmware*any
ciscoaironet_3800i*any
ciscoaironet_3800p_firmware*any
ciscoaironet_3800p*any
ciscoaironet_4800_firmware*any
ciscoaironet_4800*any
ciscoaironet_ap803_firmware*any
ciscoaironet_ap803*any
ciscoaironet_iw3702_firmware*any
ciscoaironet_iw3702*any
ciscocatalyst_9105_firmware*any
ciscocatalyst_9105*any
ciscocatalyst_9105axi_firmware*any
ciscocatalyst_9105axi*any
ciscocatalyst_9105axw_firmware*any
ciscocatalyst_9105axw*any
ciscocatalyst_9115_firmware*any
ciscocatalyst_9115*any
ciscocatalyst_9115_ap_firmware*any
ciscocatalyst_9115_ap*any
ciscocatalyst_9115axe_firmware*any
ciscocatalyst_9115axe*any
ciscocatalyst_9115axi_firmware*any
ciscocatalyst_9115axi*any
ciscocatalyst_9117_firmware*any
ciscocatalyst_9117*any
ciscocatalyst_9117_ap_firmware*any
ciscocatalyst_9117_ap*any
ciscocatalyst_9117axi_firmware*any
ciscocatalyst_9117axi*any
ciscocatalyst_9120_firmware*any
ciscocatalyst_9120*any
ciscocatalyst_9120_ap_firmware*any
ciscocatalyst_9120_ap*any
ciscocatalyst_9120axe_firmware*any
ciscocatalyst_9120axe*any
ciscocatalyst_9120axi_firmware*any
ciscocatalyst_9120axi*any
ciscocatalyst_9120axp_firmware*any
ciscocatalyst_9120axp*any
ciscocatalyst_9124_firmware*any
ciscocatalyst_9124*any
ciscocatalyst_9124axd_firmware*any
ciscocatalyst_9124axd*any
ciscocatalyst_9124axi_firmware*any
ciscocatalyst_9124axi*any
ciscocatalyst_9130_firmware*any
ciscocatalyst_9130*any
ciscocatalyst_9130_ap_firmware*any
ciscocatalyst_9130_ap*any
ciscocatalyst_9130axe_firmware*any
ciscocatalyst_9130axe*any
ciscocatalyst_9130axi_firmware*any
ciscocatalyst_9130axi*any
ciscocatalyst_iw6300_firmware*any
ciscocatalyst_iw6300*any
ciscocatalyst_iw6300_ac_firmware*any
ciscocatalyst_iw6300_ac*any
ciscocatalyst_iw6300_dc_firmware*any
ciscocatalyst_iw6300_dc*any
ciscocatalyst_iw6300_dcw_firmware*any
ciscocatalyst_iw6300_dcw*any
ciscoesw6300_firmware*any
ciscoesw6300*any
ciscoip_phone_6861_firmware*any
ciscoip_phone_6861*any
ciscoip_phone_8821_firmware*any
ciscoip_phone_8821*any
ciscoip_phone_8832_firmware*any
ciscoip_phone_8832*any
ciscoip_phone_8861_firmware*any
ciscoip_phone_8861*any
ciscoip_phone_8865_firmware*any
ciscoip_phone_8865*any
ciscoir829-2lte-ea-ak9_firmware*any
ciscoir829-2lte-ea-ak9*any
ciscoir829-2lte-ea-bk9_firmware*any
ciscoir829-2lte-ea-bk9*any
ciscoir829-2lte-ea-ek9_firmware*any
ciscoir829-2lte-ea-ek9*any
ciscoir829gw-lte-ga-ck9_firmware*any
ciscoir829gw-lte-ga-ck9*any
ciscoir829gw-lte-ga-ek9_firmware*any
ciscoir829gw-lte-ga-ek9*any
ciscoir829gw-lte-ga-sk9_firmware*any
ciscoir829gw-lte-ga-sk9*any
ciscoir829gw-lte-ga-zk9_firmware*any
ciscoir829gw-lte-ga-zk9*any
ciscoir829gw-lte-na-ak9_firmware*any
ciscoir829gw-lte-na-ak9*any
ciscoir829gw-lte-vz-ak9_firmware*any
ciscoir829gw-lte-vz-ak9*any
ciscomeraki_gr10_firmware*any
ciscomeraki_gr10*any
ciscomeraki_gr60_firmware*any
ciscomeraki_gr60*any
ciscomeraki_mr12_firmware*any
ciscomeraki_mr12*any
ciscomeraki_mr20_firmware*any
ciscomeraki_mr20*any
ciscomeraki_mr26_firmware*any
ciscomeraki_mr26*any
ciscomeraki_mr30h_firmware*any
ciscomeraki_mr30h*any
ciscomeraki_mr32_firmware*any
ciscomeraki_mr32*any
ciscomeraki_mr33_firmware*any
ciscomeraki_mr33*any
ciscomeraki_mr34_firmware*any
ciscomeraki_mr34*any
ciscomeraki_mr36_firmware*any
ciscomeraki_mr36*any
ciscomeraki_mr42_firmware*any
ciscomeraki_mr42*any
ciscomeraki_mr42e_firmware*any
ciscomeraki_mr42e*any
ciscomeraki_mr44_firmware*any
ciscomeraki_mr44*any
ciscomeraki_mr45_firmware*any
ciscomeraki_mr45*any
ciscomeraki_mr46_firmware*any
ciscomeraki_mr46*any
ciscomeraki_mr46e_firmware*any
ciscomeraki_mr46e*any
ciscomeraki_mr52_firmware*any
ciscomeraki_mr52*any
ciscomeraki_mr53_firmware*any
ciscomeraki_mr53*any
ciscomeraki_mr53e_firmware*any
ciscomeraki_mr53e*any
ciscomeraki_mr55_firmware*any
ciscomeraki_mr55*any
ciscomeraki_mr56_firmware*any
ciscomeraki_mr56*any
ciscomeraki_mr62_firmware*any
ciscomeraki_mr62*any
ciscomeraki_mr66_firmware*any
ciscomeraki_mr66*any
ciscomeraki_mr70_firmware*any
ciscomeraki_mr70*any
ciscomeraki_mr72_firmware*any
ciscomeraki_mr72*any
ciscomeraki_mr74_firmware*any
ciscomeraki_mr74*any
ciscomeraki_mr76_firmware*any
ciscomeraki_mr76*any
ciscomeraki_mr84_firmware*any
ciscomeraki_mr84*any
ciscomeraki_mr86_firmware*any
ciscomeraki_mr86*any
ciscomeraki_mx64w_firmware*any
ciscomeraki_mx64w*any
ciscomeraki_mx65w_firmware*any
ciscomeraki_mx65w*any
ciscomeraki_mx67cw_firmware*any
ciscomeraki_mx67cw*any
ciscomeraki_mx67w_firmware*any
ciscomeraki_mx67w*any
ciscomeraki_mx68cw_firmware*any
ciscomeraki_mx68cw*any
ciscomeraki_mx68w_firmware*any
ciscomeraki_mx68w*any
ciscomeraki_z3_firmware*any
ciscomeraki_z3*any
ciscomeraki_z3c_firmware*any
ciscomeraki_z3c*any
ciscowebex_board_55_firmware*any
ciscowebex_board_55*any
ciscowebex_board_55s_firmware*any
ciscowebex_board_55s*any
ciscowebex_board_70_firmware*any
ciscowebex_board_70*any
ciscowebex_board_70s_firmware*any
ciscowebex_board_70s*any
ciscowebex_board_85s_firmware*any
ciscowebex_board_85s*any
ciscowebex_dx70_firmware*any
ciscowebex_dx70*any
ciscowebex_dx80_firmware*any
ciscowebex_dx80*any
ciscowebex_room_55_firmware*any
ciscowebex_room_55*any
ciscowebex_room_55_dual_firmware*any
ciscowebex_room_55_dual*any
ciscowebex_room_70_firmware*any
ciscowebex_room_70*any
ciscowebex_room_70_dual_firmware*any
ciscowebex_room_70_dual*any
ciscowebex_room_70_dual_g2_firmware*any
ciscowebex_room_70_dual_g2*any
ciscowebex_room_70_single_firmware*any
ciscowebex_room_70_single*any
ciscowebex_room_70_single_g2_firmware*any
ciscowebex_room_70_single_g2*any
ciscowebex_room_kit_firmware*any
ciscowebex_room_kit*any
ciscowebex_room_kit_mini_firmware*any
ciscowebex_room_kit_mini*any
intelac_8260_firmware*any
intelac_8260*any
intelac_8265_firmware*any
intelac_8265*any
intelac_9260_firmware*any
intelac_9260*any
intelac_9560_firmware*any
intelac_9560*any
intelkiller_ac_1550_firmware*any
intelkiller_ac_1550*any
intelkiller_wi-fi_6_ax1650_firmware*any
intelkiller_wi-fi_6_ax1650*any
intelkiller_wi-fi_6e_ax1675_firmware*any
intelkiller_wi-fi_6e_ax1675*any
intelproset_ac_3165_firmware*any
intelproset_ac_3165*any
intelproset_ac_3168_firmware*any
intelproset_ac_3168*any
intelproset_ac_8260_firmware*any
intelproset_ac_8260*any
intelproset_ac_8265_firmware*any
intelproset_ac_8265*any
intelproset_ac_9260_firmware*any
intelproset_ac_9260*any
intelproset_ac_9461_firmware*any
intelproset_ac_9461*any
intelproset_ac_9462_firmware*any
intelproset_ac_9462*any
intelproset_ac_9560_firmware*any
intelproset_ac_9560*any
intelproset_wi-fi_6_ax200_firmware*any
intelproset_wi-fi_6_ax200*any
intelproset_wi-fi_6_ax201_firmware*any
intelproset_wi-fi_6_ax201*any
intelproset_wi-fi_6e_ax210_firmware*any
intelproset_wi-fi_6e_ax210*any
intelproset_wireless_7265_\(rev_d\)_firmware*any
intelproset_wireless_7265_\(rev_d\)*any
intelwi-fi_6_ax200_firmware*any
intelwi-fi_6_ax200*any
intelwi-fi_6_ax201_firmware*any
intelwi-fi_6_ax201*any

References 10

  • openwall.com http://www.openwall.com/lists/oss-security/2021/05/11/12
    Mailing ListThird Party Advisory
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-019200.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-913875.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf
    PatchThird Party Advisory
  • github.com https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
    Third Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
    Mailing ListThird Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
    Mailing ListThird Party Advisory
  • tools.cisco.com https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu
    Third Party Advisory
  • arista.com https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63
    Third Party Advisory
  • fragattacks.com https://www.fragattacks.com
    Third Party Advisory

Remediation