An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| samsung | galaxy_i9305_firmware | - | - |
| arista | c-250_firmware | 10.0.1-31 | - |
| arista | c-260_firmware | 10.0.1-31 |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
19
Affected Products
12
References
samsung / galaxy_i9305_firmware
| - |
| arista | c-230_firmware | 10.0.1-31 | - |
| arista | c-235_firmware | 10.0.1-31 | - |
| arista | c-200_firmware | 11.0.0-36 | - |
| arista | c-120_firmware | 11.0.0-36 | - |
| arista | c-130_firmware | 11.0.0-36 | - |
| arista | c-100_firmware | 11.0.0-36 | - |
| arista | c-110_firmware | 11.0.0-36 | - |
| arista | o-105_firmware | 11.0.0-36 | - |
| arista | w-118_firmware | 11.0.0-36 | - |
| arista | c-75_firmware | - | - |
| arista | o-90_firmware | - | - |
| arista | c-65_firmware | - | - |
| arista | w-68_firmware | - | - |
| siemens | scalance_w700_ieee_802.11n_firmware | - | - |
| siemens | scalance_w1700_ieee_802.11ac_firmware | - | - |
| siemens | scalance_w1750d_firmware | 8.7.1.3 | - |
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability
Impact