CVE-2020-26555
- EPSS 0.23%
- Published 24.05.2021 18:15:07
- Last modified 21.11.2024 05:20:04
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-24587
- EPSS 0.3%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:15:05
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragmen...
CVE-2020-26140
- EPSS 0.43%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:19:20
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent...
CVE-2020-26139
- EPSS 0.41%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:19:20
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denia...
CVE-2020-24588
- EPSS 0.56%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:15:05
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP...