PatchSiren cyber security CVE debrief
CVE-2020-26144 Siemens CVE debrief
CVE-2020-26144 affects Siemens SCALANCE wireless products covered by CISA advisory ICSA-26-111-07. The advisory describes a flaw in WEP/WPA/WPA2/WPA3 handling where plaintext A-MSDU frames may be accepted if the first 8 bytes match a valid RFC1042 LLC/SNAP header for EAPOL. That condition can let an adversary inject arbitrary network packets from within Wi-Fi range, regardless of the network configuration. Siemens’ remediation is to update affected devices to V6.6.0 or later.
- Vendor: Siemens
- Product: SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
- CVSS: MEDIUM 6.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-14
- Original CVE updated: 2026-04-21
- Advisory published: 2026-04-14
- Advisory updated: 2026-04-21
Who should care
OT and industrial network operators using affected Siemens SCALANCE W-series wireless devices, especially teams responsible for wireless perimeter controls, firmware management, and site security monitoring.
Technical summary
The advisory states that affected wireless implementations accept plaintext A-MSDU frames when the initial bytes resemble an RFC1042 LLC/SNAP header for EAPOL. Because the frames are accepted in plaintext, an attacker within radio range may inject packets into the network path. Siemens’ documented fix is V6.6.0 or later, with interim guidance to reduce Wi-Fi transmission power or place devices in physically protected areas.
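The acceptance condition described above, as an added example (not Siemens or CISA code): a flawed receive-path check beside a stricter one, with a triage helper for frame metadata already parsed from a capture. The `RxFrame` type, the function names and the sample frames are constructed for illustration, and the stricter rule is an assumed mitigation shape, not a description of the V6.6.0 fix.

```python
from dataclasses import dataclass

# RFC1042 LLC/SNAP header (AA AA 03 00 00 00) + EAPOL EtherType 0x888E: the 8 bytes
# the advisory says a plaintext frame must start with to be accepted.
EAPOL_LLC_SNAP = bytes.fromhex("aaaa03000000888e")

@dataclass
class RxFrame:              # hypothetical container for already-parsed 802.11 fields
    protected: bool         # Protected Frame bit (Frame Control)
    amsdu_present: bool     # A-MSDU Present bit (QoS Control)
    body: bytes             # frame body following the 802.11 header

def starts_with_eapol_header(body: bytes) -> bool:
    return body[:8] == EAPOL_LLC_SNAP

def flawed_accept(f: RxFrame, encrypted_network: bool = True) -> bool:
    """Behaviour described in the advisory: the plaintext exception looks only
    at the first 8 bytes and never consults the A-MSDU flag."""
    if f.protected or not encrypted_network:
        return True
    return starts_with_eapol_header(f.body)

def stricter_accept(f: RxFrame, encrypted_network: bool = True) -> bool:
    """Assumed mitigation shape: plaintext EAPOL is allowed only as a plain MSDU."""
    if f.protected or not encrypted_network:
        return True
    return starts_with_eapol_header(f.body) and not f.amsdu_present

def triage(frames, encrypted_network: bool = True):
    """Indexes of frames the flawed check accepts but the stricter one drops."""
    return [i for i, f in enumerate(frames)
            if flawed_accept(f, encrypted_network)
            and not stricter_accept(f, encrypted_network)]

# Constructed sample metadata (not captured traffic); payload bytes are filler.
SAMPLE = [
    RxFrame(True, False, bytes(32)),                    # encrypted data frame
    RxFrame(False, False, EAPOL_LLC_SNAP + bytes(24)),  # plaintext EAPOL handshake MSDU
    RxFrame(False, True, EAPOL_LLC_SNAP + bytes(24)),   # plaintext frame flagged as A-MSDU
    RxFrame(False, False, bytes(32)),                   # plaintext non-EAPOL: dropped by both
]

if __name__ == "__main__":
    for i in triage(SAMPLE):
        print(f"frame {i}: plaintext A-MSDU with EAPOL-like header, investigate sender")
```

Only the third sample frame is flagged: the legitimate plaintext handshake frame passes both checks, so the A-MSDU Present bit is the distinguishing signal for monitoring.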
Defensive priority
High for any exposed industrial wireless deployment using the affected SCALANCE models; otherwise medium, because exploitation requires Wi-Fi proximity but can enable unauthorized network packet injection.
Recommended defensive actions
- Identify whether any listed Siemens SCALANCE W-series devices are deployed and confirm firmware versions.
- Upgrade affected devices to V6.6.0 or later as recommended by Siemens.
- If immediate upgrading is not possible, reduce Wi-Fi transmission power where feasible and place devices in private areas with physical access controls.
- Review wireless access points and network monitoring for unusual EAPOL-related or unexpected L2 traffic patterns.
- Use the Siemens ProductCERT advisory and CISA advisory to verify model coverage and remediation scope.
Evidence notes
This debrief is based on the supplied CISA CSAF advisory for ICSA-26-111-07 and the Siemens ProductCERT references listed in that advisory. The source corpus includes a description text that mentions Samsung Galaxy S3 i9305, but the advisory metadata, product list, and remediation clearly identify Siemens SCALANCE wireless devices as the affected products. Because the supplied vendor metadata is inconsistent and marked low confidence, the affected-product framing is limited to the advisory content itself.
Official resources
- CVE-2020-26144 CVE record (CVE.org)
- CVE-2020-26144 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
The CVE was published in the supplied source timeline on 2026-04-14 and republished by CISA on 2026-04-21. Use the CVE published date for timing context; do not infer any earlier or later issue date from generation or review activity.