CVE-2020-24588

LOW

WPA/WPA2/WPA3 - DoS

Title source: llm
STIX 2.1

Description

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

References (12)

Core 12
Core References
Mailing List, Third Party Advisory mailing-list
http://www.openwall.com/lists/oss-security/2021/05/11/12
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
Exploit, Third Party Advisory
https://www.fragattacks.com

Scores

CVSS v3 3.5
EPSS 0.0031
EPSS Percentile 54.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

CWE
CWE-327
Status published
Products (50)
arista/c-100_firmware
arista/c-110_firmware
arista/c-120_firmware
arista/c-130_firmware
arista/c-200_firmware
arista/c-230_firmware
arista/c-235_firmware
arista/c-250_firmware
arista/c-260_firmware
arista/c-65_firmware
... and 40 more
Published May 11, 2021
Tracked Since Feb 18, 2026