Fragmented Frame Injection Vulnerability in OpenBSD 6.6

Fragmented Frame Injection Vulnerability in OpenBSD 6.6

CVE-2020-26142 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.

Learn more about our Network Penetration Testing.