PT-2021-1511 · Check Point+9 · Check Point Gaia+9
Mathy Vanhoef
·
Published
2021-05-11
·
Updated
2024-06-15
·
CVE-2020-26141
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
ALFA Windows 10 driver version 6.1316.1209
Check Point GAiA (affected versions not specified)
Description
An issue was discovered in the Wi-Fi implementation of the ALFA Windows 10 driver, where it does not verify the Message Integrity Check of fragmented TKIP frames. This allows an adversary to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol. The vulnerability can be exploited by a remote attacker to inject and decrypt packets in WPA or WPA2 networks.
Recommendations
For ALFA Windows 10 driver version 6.1316.1209, consider disabling the use of TKIP protocol until a patch is available.
For Check Point GAiA, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alfa Windows 10 Driver
Alt Linux
Almalinux
Astra Linux
Centos
Check Point Gaia
Linuxmint
Red Hat
Suse
Ubuntu