Arbitrary Data Injection Vulnerability in ALFA Windows 10 Driver 1030.36.604 for AWUS036ACH

Arbitrary Data Injection Vulnerability in ALFA Windows 10 Driver 1030.36.604 for AWUS036ACH

CVE-2020-26143 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

Learn more about our Network Penetration Testing.