CVE-2020-24587

moderate-risk

Published 2021-05-11

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.

Do I need to act?

0.53% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 2.6/10 Low

ADJACENT_NETWORK / HIGH complexity

Affected Products (20)

Ieee 802.11

Mac80211

Debian Linux

C-100 Firmware

C-110 Firmware

C-120 Firmware

C-130 Firmware

C-200 Firmware

C-230 Firmware

C-235 Firmware

C-250 Firmware

C-260 Firmware

C-65 Firmware

C-75 Firmware

O-105 Firmware

O-90 Firmware

W-118 Firmware

W-68 Firmware

1100 Firmware

1100-4P Firmware

Affected Vendors

Cisco Debian Linux Intel Ieee Arista

References (18)

Mailing List http://www.openwall.com/lists/oss-security/2021/05/11/12

Third Party Advisory https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md

Mailing List https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html

Mailing List https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html

https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html

Third Party Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-w...

Third Party Advisory https://www.arista.com/en/support/advisories-notices/security-advisories/12602-s...

Exploit https://www.fragattacks.com

Third Party Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473....