Description
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
CVSS Metrics
- Vector
- CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
- Attack Vector
- adjacent network
- Complexity
- low
- Privileges
- none
- User Action
- required
- Scope
- unchanged
- Confidentiality
- low
- Integrity
- none
- Availability
- none
- Weaknesses
- NVD-CWE-Other
Metadata
- Primary Vendor
- IEEE
- Published
- 5/11/2021
- Last Modified
- 11/21/2024
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
ieee : ieee_802.11debian : debian_linuxlinux : mac80211arista : c-250_firmwarearista : c-260_firmwarearista : c-230_firmwarearista : c-235_firmwarearista : c-200_firmwareintel : ax210_firmwareintel : ax201_firmwareintel : ax200_firmwareintel : ac_9560_firmwareintel : ac_9462_firmwareintel : ac_9461_firmwareintel : ac_9260_firmwareintel : ac_8265_firmwareintel : ac_8260_firmwareintel : ac_3168_firmwareintel : ac_7265_firmwareintel : ac_3165_firmwareintel : ax1675_firmwareintel : ax1650_firmwareintel : ac_1550_firmwarelinux : linux_kernellinux : linux_kernellinux : linux_kernellinux : linux_kernellinux : linux_kernellinux : linux_kernellinux : linux_kernel
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.