{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "4.4.4" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.1-31" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.1-31" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.1-31" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "10.0.1-31" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "11.0.0-36" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "11.0.0-36" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "11.0.0-36" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "11.0.0-36" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "11.0.0-36" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "11.0.0-36" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "11.0.0-36" } ] }, { "events": [ { "introduced": "0" }, { "fixed": "8.7.1.3" } ] } ] } } ], "details": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.", "id": "CVE-2020-26146", "modified": "2026-03-15T13:44:09.827885173Z", "published": "2021-05-11T20:15:08.907Z", "references": [ { "type": "ADVISORY", "url": "https://www.fragattacks.com" }, { "type": "ADVISORY", "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12" }, { "type": "ADVISORY", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf" }, { "type": "ADVISORY", "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md" }, { "type": "ADVISORY", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu" }, { "type": "ADVISORY", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63" } ], "severity": [ { "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ] }