CVE-2020-24587
CVE-2020-24587 is a low-severity vulnerability rated 2.6/10 on the CVSS scale. The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. EPSS estimates a 2.59% chance of exploitation in the next 30 days.
Description
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
Metrics
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| IEEE | IEEE 802.11 | All versions |
| Linux | mac80211 | All versions |
| Debian | Debian Linux | 9.0 |
| Arista | C-100 Firmware | All versions |
| Arista | C-110 Firmware | All versions |
| Arista | C-120 Firmware | All versions |
| Arista | C-130 Firmware | All versions |
| Arista | C-200 Firmware | All versions |
| Arista | C-230 Firmware | All versions |
| Arista | C-235 Firmware | All versions |
| Arista | C-250 Firmware | All versions |
| Arista | C-260 Firmware | All versions |
| Arista | C-65 Firmware | All versions |
| Arista | C-75 Firmware | All versions |
| Arista | O-105 Firmware | All versions |
| Arista | O-90 Firmware | All versions |
| Arista | W-118 Firmware | All versions |
| Arista | W-68 Firmware | All versions |
| Cisco | 1100 Firmware | All versions |
| Cisco | 1100-4p Firmware | All versions |
| Cisco | 1100-8p Firmware | All versions |
| Cisco | 1101-4p Firmware | All versions |
| Cisco | 1109-2p Firmware | All versions |
| Cisco | 1109-4p Firmware | All versions |
| Cisco | Aironet 1532 Firmware | All versions |
| Cisco | Aironet 1542d Firmware | All versions |
| Cisco | Aironet 1542i Firmware | All versions |
| Cisco | Aironet 1552 Firmware | All versions |
| Cisco | Aironet 1552h Firmware | All versions |
| Cisco | Aironet 1572 Firmware | All versions |
| Cisco | Aironet 1702 Firmware | All versions |
| Cisco | Aironet 1800 Firmware | All versions |
| Cisco | Aironet 1800i Firmware | All versions |
| Cisco | Aironet 1810 Firmware | All versions |
| Cisco | Aironet 1810w Firmware | All versions |
| Cisco | Aironet 1815 Firmware | All versions |
| Cisco | Aironet 1815i Firmware | All versions |
| Cisco | Aironet 1832 Firmware | All versions |
| Cisco | Aironet 1842 Firmware | All versions |
| Cisco | Aironet 1852 Firmware | All versions |
| Cisco | Aironet 2702 Firmware | All versions |
| Cisco | Aironet 2800 Firmware | All versions |
| Cisco | Aironet 2800e Firmware | All versions |
| Cisco | Aironet 2800i Firmware | All versions |
| Cisco | Aironet 3702 Firmware | All versions |
| Cisco | Aironet 3800 Firmware | All versions |
| Cisco | Aironet 3800e Firmware | All versions |
| Cisco | Aironet 3800i Firmware | All versions |
| Cisco | Aironet 3800p Firmware | All versions |
| Cisco | Aironet 4800 Firmware | All versions |
Showing 50 of 174 affected configurations. See NVD for the full list.
References
- http://www.openwall.com/lists/oss-security/2021/05/11/12 (Mailing List, Third Party Advisory)
- https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md (Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html (Mailing List, Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html (Mailing List, Third Party Advisory)
- https://www.fragattacks.com (Exploit, Third Party Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
