{"id":"CVE-2020-26141","details":"An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.","aliases":["2869483","A-177911676","ASB-A-177911676"],"modified":"2026-03-13T00:37:19.915117Z","published":"2021-05-11T20:15:08.727Z","related":["ALSA-2021:4356","MGASA-2021-0257","MGASA-2021-0258","SUSE-SU-2021:1887-1","SUSE-SU-2021:1888-1","SUSE-SU-2021:1889-1","SUSE-SU-2021:1890-1","SUSE-SU-2021:1891-1","SUSE-SU-2021:1899-1","SUSE-SU-2021:1912-1","SUSE-SU-2021:1913-1","SUSE-SU-2021:1975-1","SUSE-SU-2021:1977-1","SUSE-SU-2021:2208-1","SUSE-SU-2021:2406-1","SUSE-SU-2021:2421-1","SUSE-SU-2021:2451-1","openSUSE-SU-2021:0843-1","openSUSE-SU-2021:0947-1","openSUSE-SU-2021:1975-1","openSUSE-SU-2021:1977-1","openSUSE-SU-2024:10728-1","openSUSE-SU-2024:13704-1"],"references":[{"type":"ADVISORY","url":"https://www.fragattacks.com"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/05/11/12"},{"type":"ADVISORY","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"},{"type":"ADVISORY","url":"https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"},{"type":"ADVISORY","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"},{"type":"ADVISORY","url":"https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"6.1316.1209"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"27.7.1"}]},{"events":[{"introduced":"0"},{"fixed":"26.8.3"}]},{"events":[{"introduced":"0"},{"fixed":"26.8.3"}]},{"events":[{"introduced":"0"},{"fixed":"26.8.3"}]},{"events":[{"introduced":"0"},{"fixed":"26.8.3"}]},{"events":[{"introduced":"0"},{"fixed":"26.8.3"}]},{"events":[{"introduced":"0"},{"fixed":"26.8.3"}]},{"events":[{"introduced":"0"},{"fixed":"26.8.3"}]},{"events":[{"introduced":"0"},{"fixed":"26.8.3"}]},{"events":[{"introduced":"0"},{"fixed":"17.0"}]},{"events":[{"introduced":"0"},{"fixed":"17.0"}]},{"events":[{"introduced":"0"},{"fixed":"17.0"}]},{"events":[{"introduced":"0"},{"fixed":"17.0"}]},{"events":[{"introduced":"0"},{"fixed":"17.0"}]},{"events":[{"introduced":"0"},{"fixed":"17.0"}]},{"events":[{"introduced":"0"},{"fixed":"17.0"}]},{"events":[{"introduced":"0"},{"fixed":"17.0"}]},{"events":[{"introduced":"0"},{"fixed":"11.0\\(6\\)sr2"}]},{"events":[{"introduced":"0"},{"fixed":"11.3\\(5\\)"}]},{"events":[{"introduced":"0"},{"fixed":"11.3\\(5\\)"}]},{"events":[{"introduced":"0"},{"fixed":"14.1\\(1\\)"}]},{"events":[{"introduced":"0"},{"fixed":"14.1\\(1\\)"}]},{"events":[{"introduced":"0"},{"fixed":"14.1\\(1\\)"}]},{"events":[{"introduced":"0"},{"fixed":"1.2\\(0\\)sr1"}]},{"events":[{"introduced":"0"},{"fixed":"1.2\\(0\\)sr1"}]},{"events":[{"introduced":"0"},{"fixed":"10.8.2.5"}]},{"events":[{"introduced":"0"},{"fixed":"1.4\\(0\\)"}]},{"events":[{"introduced":"0"},{"fixed":"1.4\\(0\\)"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-26141.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}