Multiple vulnerabilities in Juniper Networks Mist Access Point
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2020-26145 CVE-2020-26141 CVE-2020-26142 CVE-2020-26139 CVE-2020-26147 CVE-2020-26146 CVE-2020-26143 CVE-2020-26140 |
| CWE-ID | CWE-20 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Mist Access Point Hardware solutions / Routers & switches, VoIP, GSM, etc AP21 Hardware solutions / Routers & switches, VoIP, GSM, etc AP41 Hardware solutions / Routers & switches, VoIP, GSM, etc AP61 Hardware solutions / Routers & switches, VoIP, GSM, etc AP43 Hardware solutions / Routers & switches, VoIP, GSM, etc AP63 Hardware solutions / Routers & switches, VoIP, GSM, etc AP12 Hardware solutions / Routers & switches, VoIP, GSM, etc AP32 Hardware solutions / Routers & switches, VoIP, GSM, etc AP33 Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Juniper Networks, Inc. |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU53155
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26145
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. A remote attacker on the local network can inject arbitrary network packets independent of the network configuration.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMist Access Point: 0.5 - 0.9
AP21: All versions
AP41: All versions
AP61: All versions
AP43: All versions
AP63: All versions
AP12: All versions
AP32: All versions
AP33: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU53176
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26141
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. A remote attacker on the local network can inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMist Access Point: 0.5 - 0.9
AP21: All versions
AP41: All versions
AP61: All versions
AP43: All versions
AP63: All versions
AP12: All versions
AP32: All versions
AP33: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU53175
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26142
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. A remote attacker on the local network can inject arbitrary network packets, independent of the network configuration.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMist Access Point: 0.5 - 0.9
AP21: All versions
AP41: All versions
AP61: All versions
AP43: All versions
AP63: All versions
AP12: All versions
AP32: All versions
AP33: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU53174
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26139
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to forwarding EAPOL frames even though the sender is not yet authenticated. A remote attacker on the local network can cause a denial of service (DoS) condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMist Access Point: 0.5 - 0.9
AP21: All versions
AP41: All versions
AP61: All versions
AP43: All versions
AP63: All versions
AP12: All versions
AP32: All versions
AP33: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU53172
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26147
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. A remote attacker on the local network can inject packets and/or exfiltrate selected fragments
MitigationInstall updates from vendor's website.
Vulnerable software versionsMist Access Point: 0.5 - 0.9
AP21: All versions
AP41: All versions
AP61: All versions
AP43: All versions
AP63: All versions
AP12: All versions
AP32: All versions
AP33: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU53167
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26146
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. A remote attacker on the local network can exfiltrate selected fragments.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMist Access Point: 0.5 - 0.9
AP21: All versions
AP41: All versions
AP61: All versions
AP43: All versions
AP63: All versions
AP12: All versions
AP32: All versions
AP33: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Input validation error
EUVDB-ID: #VU53166
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26143
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. A remote attacker on the local network can inject arbitrary data frames independent of the network configuration.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMist Access Point: 0.5 - 0.9
AP21: All versions
AP41: All versions
AP61: All versions
AP43: All versions
AP63: All versions
AP12: All versions
AP32: All versions
AP33: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Input validation error
EUVDB-ID: #VU53161
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26140
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. A remote attacker on the local network can inject arbitrary data frames independent of the network configuration.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMist Access Point: 0.5 - 0.9
AP21: All versions
AP41: All versions
AP61: All versions
AP43: All versions
AP63: All versions
AP12: All versions
AP32: All versions
AP33: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
