CVSS: 6.5EPSS: 0%CPEs: 192EXPL: 0CVE-2020-26141 – kernel: not verifying TKIP MIC of fragmented frames
https://notcve.org/view.php?id=CVE-2020-26141
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol. Se detectó un problema en el controlador ALFA de Windows 10 versión 6.1316.1209 para AWUS036H. La implementación de Wi-Fi no verifica la Comprobación de Integridad del Mensaje (autenticidad) de las tramas TKIP fragmentadas. • http://www.openwall.com/lists/oss-security/2021/05/11/12 https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63 https://www.fragattacks.com https://access.redhat.com/security/cve/CVE-2020-26141 https://bugzilla.redhat.com/show&# • CWE-354: Improper Validation of Integrity Check Value CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 54EXPL: 0CVE-2020-3111 – Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3111
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. • http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-voip-phones-rce-dos • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2019-1922 – Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1922
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (SIP) packets. An attacker could exploit this vulnerability by altering the SIP replies that are sent to the affected phone during the registration process. A successful exploit could allow the attacker to cause the phone to reboot and not complete the registration process. Una vulnerabilidad en el software SIP IP Phone de Cisco para IP Phone 7800 Series y 8800 Series de Cisco, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un teléfono afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-ip-phone-sip-dos • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 28EXPL: 0CVE-2019-1684 – Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1684
A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected. • http://www.securityfocus.com/bid/107104 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •