Medium severity6.5NVD Advisory· Published May 11, 2021· Updated Apr 14, 2026
CVE-2020-26143
CVE-2020-26143
Description
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
Affected products
6- cpe:2.3:o:alfa:awus036h_firmware:1030.36.604:*:*:*:*:windows_10:*:*
- cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.openwall.com/lists/oss-security/2021/05/11/12nvdMailing ListThird Party Advisory
- cert-portal.siemens.com/productcert/pdf/ssa-913875.pdfnvdThird Party Advisory
- github.com/vanhoefm/fragattacks/blob/master/SUMMARY.mdnvdThird Party Advisory
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWunvdThird Party Advisory
- www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63nvdThird Party Advisory
- www.fragattacks.comnvdThird Party Advisory
- cert-portal.siemens.com/productcert/html/ssa-019200.htmlnvd
- cert-portal.siemens.com/productcert/html/ssa-913875.htmlnvd
News mentions
1- Siemens SCALANCECISA Alerts