CVE-2020-26141

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.

Severity	MEDIUM
CVSS	6.5
CWE	CWE-354
KEV
Published	5 years ago
Modified	1 month ago

Related Products

Product	Advisory	Evidence
Cisco Webex Room Phone	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco TelePresence Endpoint Software (TC/CE)	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco TelePresence	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco IP phone	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco IP Phones with Multiplatform Firmware	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Business Wireless Access Point Software	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Aironet Access Point Software (IOS XE Controller)	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Aironet Access Point Software	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln