VDB
ICSA-22-102-04
ICSA-22-102-04
PUBLISHED
CVSS 3.5 LOW
There are multiple vulnerabilities due to design flaws in the frame fragmentation functionality and the frame aggregation functionality in the Wireless Communication Standards IEEE 802.11. These vulnerabilities could allow an attacker to steal communication contents or inject unauthorized packets.
Risk Scores
CVSS 3.1
3.5
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| GT25-WLAN: Version 01.39.000 and earlier |
Exploit Intelligence
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 (circl)
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-102-04.json (circl)
- https://www.cisa.gov/news-events/ics-advisories/icsa-22-102-04 (circl)
- https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf (circl)
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B (circl)
- https://www.mitsubishielectric.com/fa (circl)
- https://www.mitsubishielectric.com/fa/support/index.html (circl)
- https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html (circl)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26146 (circl)
Timeline
- Apr 12, 2022 CVE Published
- May 12, 2022 CVE Updated
References
- https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 url
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-102-04.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-22-102-04 advisory
- https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B url
- https://www.mitsubishielectric.com/fa fix
- https://www.mitsubishielectric.com/fa/support/index.html fix
- https://www.mitsubishielectric.com/fa/products/hmi/got/smerit/gt_works3/manual/index.html fix
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26146 fix