CVE-2020-26139
high-risk
Published 2021-05-11
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in protected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
Do I need to act?
EPSS score: 1.1% chance of exploitation in next 30 days (moderate exploit probability)
Not on CISA KEV list: no confirmed active exploitation reported to CISA
Patch status unknown: check vendor advisories for fix availability and mitigation guidance
CVSS 5.3/10 (Medium): ADJACENT_NETWORK / HIGH complexity
Affected Products (20)
C-100 Firmware
C-110 Firmware
C-120 Firmware
C-130 Firmware
C-200 Firmware
C-230 Firmware
C-235 Firmware
C-250 Firmware
C-260 Firmware
C-65 Firmware
C-75 Firmware
O-105 Firmware
O-90 Firmware
W-118 Firmware
W-68 Firmware
1100 Firmware
1100-4P Firmware
1100-8P Firmware
References (16)
Third Party Advisory
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-w...
Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/12602-s...
Third Party Advisory
https://www.fragattacks.com
50 / 100 high-risk
Severity: 14/34 · Moderate
Exploitability: 3/34 · Minimal
Exposure: 33/34 · Critical