Medium severity6.5NVD Advisory· Published May 11, 2021· Updated Apr 14, 2026
CVE-2020-26145
CVE-2020-26145
Description
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
Affected products
13- cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:6gk5763-1al00-3aa0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5763-1al00-3da0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5763-1al00-7da0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1ge00-3da0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1ge00-3db0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1ge00-7da0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1ge00-7db0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1ge00-7ta0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1ge00-7tb0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1je00-3da0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1je00-7da0_firmware:*:*:*:*:*:*:*:*Range: <1.2
- cpe:2.3:o:siemens:6gk5766-1je00-7ta0_firmware:*:*:*:*:*:*:*:*Range: <1.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- cert-portal.siemens.com/productcert/pdf/ssa-913875.pdfnvdPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2021/05/11/12nvdMailing ListThird Party Advisory
- github.com/vanhoefm/fragattacks/blob/master/SUMMARY.mdnvdThird Party Advisory
- www.fragattacks.comnvdThird Party Advisory
- cert-portal.siemens.com/productcert/html/ssa-913875.htmlnvd
News mentions
0No linked articles in our index yet.