CVE-2020-24586
- EPSS 0.22%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:15:03
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when a...
CVE-2020-24587
- EPSS 0.3%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:15:05
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragmen...
CVE-2020-24588
- EPSS 0.56%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:15:05
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP...