CVSS: 5.5EPSS: 0%CPEs: 50EXPL: 0CVE-2021-0072
https://notcve.org/view.php?id=CVE-2021-0072
Improper input validation in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and some Killer(TM) Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable information disclosure via local access. Una comprobación de entrada inapropiada en el firmware de algunos Intel(R) PROSet/Wireless Wi-Fi en diversos sistemas operativos y algunos Killer(TM) Wi-Fi en Windows 10 y 11, puede permitir a un usuario privilegiado habilitar potencialmente una divulgación de información por medio de acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 62EXPL: 0CVE-2021-0066
https://notcve.org/view.php?id=CVE-2021-0066
Improper input validation in firmware for Intel(R) PROSet/Wireless Wi-Fi in multiple operating systems and Killer(TM) Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable escalation of privilege via local access. Una comprobación de entrada inapropiada en el firmware para Intel(R) PROSet/Wireless Wi-Fi en diversos sistemas operativos y Killer(TM) Wi-Fi en Windows 10 y 11, puede permitir a un usuario no autenticado habilitar potencialmente una escalada de privilegios por medio de acceso local • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 32EXPL: 0CVE-2020-26555 – kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack
https://notcve.org/view.php?id=CVE-2020-26555
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. Un emparejamiento de código PIN BR/EDR heredado de Bluetooth en Bluetooth Core Specification versiones 1.0B hasta 5.2, puede permitir a un dispositivo cercano no autenticado falsificar el BD_ADDR del dispositivo peer para completar el emparejamiento sin conocer el PIN A vulnerability was found in Linux Kernel, where Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack. When an attacker connects to a victim device using the address of the device and the victim initiates a Pairing, the attacker can reflect the encrypted nonce even without knowledge of the key. • https://kb.cert.org/vuls/id/799380 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html https://access.redhat.com/security/cve/CVE-2020-26555 https://bugzilla.redhat.com/show_bug.cgi?id=1918601 • CWE-400: Uncontrolled Resource Consumption CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 330EXPL: 0CVE-2020-26139 – kernel: Forwarding EAPOL from unauthenticated wifi client
https://notcve.org/view.php?id=CVE-2020-26139
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. Se detectó un problema en el kernel en NetBSD versión 7.1. Un punto de acceso (AP) reenvía tramas EAPOL a otros clientes aunque el remitente aún no se haya autenticado con éxito en el AP. • http://www.openwall.com/lists/oss-security/2021/05/11/12 https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu https://www.arista.com/en/support/advisories-notices/security-advisories/12602-s • CWE-287: Improper Authentication CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 6.5EPSS: 0%CPEs: 408EXPL: 0CVE-2020-26140 – kernel: accepting plaintext data frames in protected networks
https://notcve.org/view.php?id=CVE-2020-26140
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration. Se detectó un problema en el controlador ALFA de Windows 10 versión 6.1316.1209 para AWUS036H. Las implementaciones WEP, WPA, WPA2 y WPA3 aceptan tramas de texto plano en una red Wi-Fi protegida. • http://www.openwall.com/lists/oss-security/2021/05/11/12 https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63 https://www.fragattacks.com https://access.redhat.com/security/cve/CVE-2020-26140 https://bugzilla.redhat.com/show&# • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-346: Origin Validation Error •