CVE-2020-24587
Description
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn’t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
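As an added example (not code from the advisory or from any vendor's patch), the following receiver-side reassembly check refuses to combine fragments that were decrypted under different keys. The struct layouts, the `key_gen` counter and the function name are assumptions made for illustration, and the sketch additionally requires consecutive packet numbers within a frame.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed model of a receiver's reassembly state, not a real driver struct. */
enum frag_result { FRAG_QUEUED, FRAG_COMPLETE, FRAG_DROP_KEY, FRAG_DROP_ORDER };

struct frag_entry {
    bool     in_use;
    uint16_t seq;        /* sequence number shared by all fragments of a frame */
    uint8_t  next_frag;  /* fragment number expected next */
    uint32_t key_gen;    /* hypothetical: generation of the key that decrypted fragment 0 */
    uint64_t last_pn;    /* packet number of the previous fragment */
};

struct fragment {
    uint16_t seq;
    uint8_t  frag_no;
    bool     more_frags;
    uint32_t key_gen;    /* generation of the key this fragment decrypted under */
    uint64_t pn;
};

/* Accept a decrypted fragment only if it continues the entry under the same key. */
enum frag_result frag_rx(struct frag_entry *e, const struct fragment *f)
{
    if (f->frag_no == 0) {                  /* first fragment starts a new entry */
        e->in_use = f->more_frags;
        e->seq = f->seq;
        e->next_frag = 1;
        e->key_gen = f->key_gen;
        e->last_pn = f->pn;
        return f->more_frags ? FRAG_QUEUED : FRAG_COMPLETE;
    }
    if (!e->in_use || e->seq != f->seq || e->next_frag != f->frag_no)
        return FRAG_DROP_ORDER;
    if (e->key_gen != f->key_gen) {         /* key renewed mid-frame: discard the whole frame */
        memset(e, 0, sizeof(*e));
        return FRAG_DROP_KEY;
    }
    if (f->pn != e->last_pn + 1) {          /* packet numbers must be consecutive */
        memset(e, 0, sizeof(*e));
        return FRAG_DROP_ORDER;
    }
    e->last_pn = f->pn;
    e->next_frag++;
    if (!f->more_frags) { e->in_use = false; return FRAG_COMPLETE; }
    return FRAG_QUEUED;
}
```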
Technical Analysis
Attackers are able to sniff traffic from the incoming LAN connection while using a MITM attack or a man-in-the-browser attack. It seems more like a man in the lower attack because it will be as if two users are sending cmds to the same device at the same time. Over time what will happen is the attacker will lock down the access point, harden it, then set your browser and internet access to a guest connection. You are able to log in to your router but not actually make changes. For example, I could log on to the router at 192.168.1.1, configure it, then connect remotely to it, and it would connect to the same port, only the IP would be 162.244.6.18. The router in use doesn’t have Wi-Fi but has an AP controller. Has anyone else come across this? Please, I’m all ears. Thanks!
General Information
Vendors
- arista,
- cisco,
- debian,
- ieee,
- intel,
- linux
Products
- 1100 firmware -,
- 1100-4p firmware -,
- 1100-8p firmware -,
- 1101-4p firmware -,
- 1109-2p firmware -,
- 1109-4p firmware -,
- ac 8260 firmware -,
- ac 8265 firmware -,
- ac 9260 firmware -,
- ac 9560 firmware -,
- aironet 1532 firmware -,
- aironet 1542d firmware -,
- aironet 1542i firmware -,
- aironet 1552 firmware -,
- aironet 1552h firmware -,
- aironet 1572 firmware -,
- aironet 1702 firmware -,
- aironet 1800 firmware -,
- aironet 1800i firmware -,
- aironet 1810 firmware -,
- aironet 1810w firmware -,
- aironet 1815 firmware -,
- aironet 1815i firmware -,
- aironet 1832 firmware -,
- aironet 1842 firmware -,
- aironet 1852 firmware -,
- aironet 2702 firmware -,
- aironet 2800 firmware -,
- aironet 2800e firmware -,
- aironet 2800i firmware -,
- aironet 3702 firmware -,
- aironet 3800 firmware -,
- aironet 3800e firmware -,
- aironet 3800i firmware -,
- aironet 3800p firmware -,
- aironet 4800 firmware -,
- aironet ap803 firmware -,
- aironet iw3702 firmware -,
- c-100 firmware -,
- c-110 firmware -,
- c-120 firmware -,
- c-130 firmware -,
- c-200 firmware -,
- c-230 firmware -,
- c-235 firmware -,
- c-250 firmware -,
- c-260 firmware -,
- c-65 firmware -,
- c-75 firmware -,
- catalyst 9105 firmware -,
- catalyst 9105axi firmware -,
- catalyst 9105axw firmware -,
- catalyst 9115 ap firmware -,
- catalyst 9115 firmware -,
- catalyst 9115axe firmware -,
- catalyst 9115axi firmware -,
- catalyst 9117 ap firmware -,
- catalyst 9117 firmware -,
- catalyst 9117axi firmware -,
- catalyst 9120 ap firmware -,
- catalyst 9120 firmware -,
- catalyst 9120axe firmware -,
- catalyst 9120axi firmware -,
- catalyst 9120axp firmware -,
- catalyst 9124 firmware -,
- catalyst 9124axd firmware -,
- catalyst 9124axi firmware -,
- catalyst 9130 ap firmware -,
- catalyst 9130 firmware -,
- catalyst 9130axe firmware -,
- catalyst 9130axi firmware -,
- catalyst iw6300 ac firmware -,
- catalyst iw6300 dc firmware -,
- catalyst iw6300 dcw firmware -,
- catalyst iw6300 firmware -,
- debian linux 9.0,
- esw6300 firmware -,
- ieee 802.11,
- ip phone 6861 firmware -,
- ip phone 8821 firmware -,
- ip phone 8832 firmware -,
- ip phone 8861 firmware -,
- ip phone 8865 firmware -,
- ir829-2lte-ea-ak9 firmware -,
- ir829-2lte-ea-bk9 firmware -,
- ir829-2lte-ea-ek9 firmware -,
- ir829gw-lte-ga-ck9 firmware -,
- ir829gw-lte-ga-ek9 firmware -,
- ir829gw-lte-ga-sk9 firmware -,
- ir829gw-lte-ga-zk9 firmware -,
- ir829gw-lte-na-ak9 firmware -,
- ir829gw-lte-vz-ak9 firmware -,
- killer ac 1550 firmware -,
- killer wi-fi 6 ax1650 firmware -,
- killer wi-fi 6e ax1675 firmware -,
- linux kernel,
- mac80211 -,
- meraki gr10 firmware -,
- meraki gr60 firmware -,
- meraki mr12 firmware -,
- meraki mr20 firmware -,
- meraki mr26 firmware -,
- meraki mr30h firmware -,
- meraki mr32 firmware -,
- meraki mr33 firmware -,
- meraki mr34 firmware -,
- meraki mr36 firmware -,
- meraki mr42 firmware -,
- meraki mr42e firmware -,
- meraki mr44 firmware -,
- meraki mr45 firmware -,
- meraki mr46 firmware -,
- meraki mr46e firmware -,
- meraki mr52 firmware -,
- meraki mr53 firmware -,
- meraki mr53e firmware -,
- meraki mr55 firmware -,
- meraki mr56 firmware -,
- meraki mr62 firmware -,
- meraki mr66 firmware -,
- meraki mr70 firmware -,
- meraki mr72 firmware -,
- meraki mr74 firmware -,
- meraki mr76 firmware -,
- meraki mr84 firmware -,
- meraki mr86 firmware -,
- meraki mx64w firmware -,
- meraki mx65w firmware -,
- meraki mx67cw firmware -,
- meraki mx67w firmware -,
- meraki mx68cw firmware -,
- meraki mx68w firmware -,
- meraki z3 firmware -,
- meraki z3c firmware -,
- o-105 firmware -,
- o-90 firmware -,
- proset ac 3165 firmware -,
- proset ac 3168 firmware -,
- proset ac 8260 firmware -,
- proset ac 8265 firmware -,
- proset ac 9260 firmware -,
- proset ac 9461 firmware -,
- proset ac 9462 firmware -,
- proset ac 9560 firmware -,
- proset wi-fi 6 ax200 firmware -,
- proset wi-fi 6 ax201 firmware -,
- proset wi-fi 6e ax210 firmware -,
- proset wireless 7265 (rev d) firmware -,
- w-118 firmware -,
- w-68 firmware -,
- webex board 55 firmware -,
- webex board 55s firmware -,
- webex board 70 firmware -,
- webex board 70s firmware -,
- webex board 85s firmware -,
- webex dx70 firmware -,
- webex dx80 firmware -,
- webex room 55 dual firmware -,
- webex room 55 firmware -,
- webex room 70 dual firmware -,
- webex room 70 dual g2 firmware -,
- webex room 70 firmware -,
- webex room 70 single firmware -,
- webex room 70 single g2 firmware -,
- webex room kit firmware -,
- webex room kit mini firmware -,
- wi-fi 6 ax200 firmware -,
- wi-fi 6 ax201 firmware -
Hi @2020Cyberworld, thanks for the detailed assessment! I see you’ve reported a few vulns as exploited in the wild—are you seeing this and the other vulns you’ve reported used in active (not pen testing) attacks?