Wi-Fi Vulnerabilities (FragAttacks)
Canon Medical Systems Security Advisory
Overview:
FragAttacks is a collection of security vulnerabilities reported in May 2021 that affect Wi-Fi devices. These vulnerabilities are due to the specifications and implementation of the wireless LAN standard IEEE 802.11, and affect various wireless LAN devices that comply with the standard.
Vulnerability Overview:
| CVE ID | Description | CVSS |
| CVE-2020-24586 | Not clearing fragments from memory when (re)connecting to a network | 3.5 |
| CVE-2020-24587 | Reassembling fragments encrypted under different keys | 2.6 |
| CVE-2020-24588 | Accepting non-SPP A-MSDU frames | 3.5 |
| CVE-2020-26139 | Forwarding EAPOL frames even though the sender is not yet authenticated | 5.3 |
| CVE-2020-26140 | Accepting plaintext data frames in a protected network | 6.5 |
| CVE-2020-26141 | Not verifying the TKIP MIC of fragmented frames | 6.5 |
| CVE-2020-26142 | Processing fragmented frames as full frames | 5.4 |
| CVE-2020-26143 | Accepting fragmented plaintext data frames in a protected network | 6.5 |
| CVE-2020-26144 | Accepting plaintext A-MSDU frames that start with an RFC1042 header with EtherType EAPOL (in an encrypted network) | 6.5 |
| CVE-2020-26145 | Accepting plaintext broadcast fragments as full frames (in an encrypted network) | 6.5 |
| CVE-2020-26146 | Reassembling encrypted fragments with non-consecutive packet numbers | 5.3 |
| CVE-2020-26147 | Reassembling mixed encrypted/plaintext fragments | 5.4 |
Possible Affected Canon Medical Systems Products:
The following products are disabling Wi-Fi services as the default.
- CT Medical Imaging Products
- MR Medical Imaging Products
- VL Medical Imaging Products
- NM Medical Imaging Products
- Wireless FPD
- Ultrasound Device (Wireless communication option)
Resolution:
Canon Medical Systems Corporation is providing the update information for the vulnerabilities.
For inquiries concerning these subject products, please contact the nearest branch office, sales/service office.
