CVE-2020-24588 vulnerability in Ieee and Other Products
Published on May 11, 2021

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

Vendor Advisory NVD

Products Associated with CVE-2020-24588

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-24588 are published in these products:

Ieee 802 11

Linux Mac80211

Canonical Ubuntu Linux

Microsoft Windows 10

Microsoft Windows 7

Microsoft Windows 8.1

Microsoft Windows Rt 8 1

Microsoft Windows Server 2008

Microsoft Windows Server 2016

Microsoft Windows Server 2012

Microsoft Windows Server 2019

Debian Linux

Linux Kernel

Exploit Probability

EPSS

0.34%

Percentile

56.08%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-24588 vulnerability in Ieee and Other ProductsPublished on May 11, 2021

Products Associated with CVE-2020-24588

Exploit Probability

CVE-2020-24588 vulnerability in Ieee and Other Products
Published on May 11, 2021