QwikSec

Security Database

CVE

CWE

Training

CVE-2020-26139

Published: May 11, 2021

Modified: Apr 14, 2026

PUBLISHED

Description

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021

vendor-advisory

x_refsource_CISCO

https://www.fragattacks.com

x_refsource_MISC

https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md

x_refsource_MISC

[oss-security] 20210511 various 802.11 security issues - fragattacks.com

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update

mailing-list

x_refsource_MLIST

https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf

x_refsource_CONFIRM

https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.