CVE-2020-24586

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.

Published: May 11, 2021
Updated: Apr 14, 2023
CVE: CVE-2020-24586
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.5
AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.9
AV:A/AC:M/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ieee / ieee_802.11	-	-
debian / debian_linux	9.0	9.0.x
arista / c-250_firmware	-	10.0.1-31
arista / c-260_firmware	-	10.0.1-31
arista / c-230_firmware	-	10.0.1-31
arista / c-235_firmware	-	10.0.1-31
arista / c-200_firmware	-	11.0.0-36
intel / ax210_firmware	-	22.30.0.11
intel / ax201_firmware	-	22.30.0.11
intel / ax200_firmware	-	22.30.0.11
intel / ac_9560_firmware	-	22.30.0.11
intel / ac_9462_firmware	-	22.30.0.11
intel / ac_9461_firmware	-	22.30.0.11
intel / ac_9260_firmware	-	22.30.0.11
intel / ac_8265_firmware	-	20.70.21.2
intel / ac_8260_firmware	-	20.70.21.2
intel / ac_3168_firmware	-	19.51.33.1
intel / ac_7265_firmware	-	19.51.33.1
intel / ac_3165_firmware	-	19.51.33.1
linux / linux_kernel	4.4	4.4.271
linux / linux_kernel	4.9	4.9.271
linux / linux_kernel	4.14	4.14.235
linux / linux_kernel	4.19	4.19.193
linux / linux_kernel	5.4	5.4.124
linux / linux_kernel	5.10	5.10.42
linux / linux_kernel	5.12	5.12.9

Vulnerability Database

289,599

CVE-2020-24586