VDB

CISCO-SA-WIFI-FAF-22EPCEWU

CISCO-SA-WIFI-FAF-22EPCEWU PUBLISHED CVSS 6.5 MEDIUM

On May 11, 2021, the research paper Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation was made public. This paper discusses 12 vulnerabilities in the 802.11 standard. One vulnerability is in the frame aggregation functionality, two vulnerabilities are in the frame fragmentation functionality, and the other nine are implementation vulnerabilities. These vulnerabilities could allow an attacker to forge encrypted frames, which could in turn enable the exfiltration of sensitive data from a targeted device. This advisory will be updated as additional information becomes available.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products

VendorProductVersions
Cisco TelePresence Endpoint Software (TC/CE)
Cisco IP Phones with Multiplatform Firmware
Cisco Aironet Access Point Software (IOS XE Controller)
Cisco Aironet Access Point Software
Cisco Business Wireless Access Point Software
Cisco Webex Room Phone

Exploit Intelligence

…and 13 more exploits

Timeline

  • May 11, 2021 CVE Published
  • Dec 15, 2021 CVE Updated

References

…and 3 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›