Medium severity5.3NVD Advisory· Published May 11, 2021· Updated Apr 14, 2026

CVE-2020-26146

Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

Affected products

Arista/C 100 Firmware
cpe:2.3:o:arista:c-100_firmware:*:*:*:*:*:*:*:*
Range: <11.0.0-36
Arista/C 110 Firmware
cpe:2.3:o:arista:c-110_firmware:*:*:*:*:*:*:*:*
Range: <11.0.0-36
Arista/C 120 Firmware
cpe:2.3:o:arista:c-120_firmware:*:*:*:*:*:*:*:*
Range: <11.0.0-36
Arista/C 130 Firmware
cpe:2.3:o:arista:c-130_firmware:*:*:*:*:*:*:*:*
Range: <11.0.0-36
Arista/C 200 Firmware
cpe:2.3:o:arista:c-200_firmware:*:*:*:*:*:*:*:*
Range: <11.0.0-36
Arista/C 230 Firmware
cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:*
Range: <10.0.1-31
Arista/C 235 Firmware
cpe:2.3:o:arista:c-235_firmware:*:*:*:*:*:*:*:*
Range: <10.0.1-31
Arista/C 250 Firmware
cpe:2.3:o:arista:c-250_firmware:*:*:*:*:*:*:*:*
Range: <10.0.1-31
Arista/C 260 Firmware
cpe:2.3:o:arista:c-260_firmware:*:*:*:*:*:*:*:*
Range: <10.0.1-31
Arista/C 65 Firmware
cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*
Arista/C 75 Firmware
cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*
Arista/O 105 Firmware
cpe:2.3:o:arista:o-105_firmware:*:*:*:*:*:*:*:*
Range: <11.0.0-36
Arista/O 90 Firmware
cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*
Arista/W 118 Firmware
cpe:2.3:o:arista:w-118_firmware:*:*:*:*:*:*:*:*
Range: <11.0.0-36
Arista/W 68 Firmware
cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*
Samsung/Galaxy I9305 Firmware
cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4:*:*:*:*:*:*:*
Siemens Foundation/Scalance W1700 Ieee 802.11ac Firmware
cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*
Siemens Foundation/Scalance W1750d Firmware
cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*
Range: <8.7.1.3
Siemens Foundation/Scalance W700 Ieee 802.11n Firmware
cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2021/05/11/12nvdMailing ListThird Party Advisory
cert-portal.siemens.com/productcert/pdf/ssa-913875.pdfnvdThird Party Advisory
github.com/vanhoefm/fragattacks/blob/master/SUMMARY.mdnvdThird Party Advisory
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWunvdThird Party Advisory
www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63nvdThird Party Advisory
www.fragattacks.comnvdThird Party Advisory
cert-portal.siemens.com/productcert/html/ssa-019200.htmlnvd
cert-portal.siemens.com/productcert/html/ssa-913875.htmlnvd

News mentions

Siemens SCALANCE
CISA Alerts

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000