PatchSiren cyber security CVE debrief
CVE-2020-26146 Siemens CVE debrief
CVE-2020-26146 is a Wi‑Fi confidentiality issue in Siemens SCALANCE wireless devices that can let an attacker within radio range recover selected fragments when fragmented frames are reassembled incorrectly. The supplied advisory material points to affected SCALANCE W7xx products running versions prior to 6.6.0, with remediation available through vendor firmware updates and temporary exposure-reduction measures.
- Vendor: Siemens
- Product: SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0)
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-14
- Original CVE updated: 2026-04-21
- Advisory published: 2026-04-14
- Advisory updated: 2026-04-21
Who should care
OT/ICS operators and network teams running Siemens SCALANCE W7xx wireless devices, especially where those devices carry sensitive traffic or are deployed in physically accessible radio environments.
Technical summary
According to the CISA/Siemens advisory corpus, affected SCALANCE devices may reassemble fragmented Wi‑Fi traffic even when packet numbers are non-consecutive. An attacker in Wi‑Fi range can abuse this behavior to exfiltrate selected fragments from traffic protected with WEP, CCMP, or GCMP; WEP is noted as vulnerable by design. The supplied CVSS vector is AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N (5.3 Medium), reflecting proximity requirements and confidentiality impact.
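The reassembly flaw summarized above, shown as an added example (not Siemens firmware code and not taken from the advisory): a receiver check that ignores packet numbers next to one that enforces the 802.11 requirement that a frame's fragments carry packet numbers incrementing by exactly one. The struct, function names, and sample values are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One decrypted fragment (MPDU); struct and field names are illustrative. */
struct frag {
    uint16_t seq;        /* sequence number shared by all fragments of a frame */
    uint8_t  frag_no;    /* fragment number, starting at 0 */
    bool     more_frags; /* More Fragments bit; clear only on the last fragment */
    uint64_t pn;         /* 48-bit CCMP/GCMP packet number */
};

/* Flawed behaviour from the summary: fragment order is checked, PN is ignored. */
bool reassembly_allowed_lax(const struct frag *f, size_t n)
{
    if (n == 0 || f[0].frag_no != 0 || f[n - 1].more_frags)
        return false;
    for (size_t i = 1; i < n; i++) {
        if (f[i].seq != f[0].seq || f[i].frag_no != f[i - 1].frag_no + 1)
            return false;
        if (!f[i - 1].more_frags)
            return false;
    }
    return true;
}

/* Expected behaviour: additionally require each PN to follow the previous by 1. */
bool reassembly_allowed_strict(const struct frag *f, size_t n)
{
    if (!reassembly_allowed_lax(f, n))
        return false;
    for (size_t i = 1; i < n; i++)
        if (f[i].pn != f[i - 1].pn + 1)
            return false;
    return true;
}

/* Constructed sample data, not captured traffic. */
const struct frag consecutive[] = {{100, 0, true, 0x2000}, {100, 1, true, 0x2001}, {100, 2, false, 0x2002}};
const struct frag pn_gap[] = {{100, 0, true, 0x2000}, {100, 1, false, 0x2005}};

int main(void)
{
    printf("consecutive: lax=%d strict=%d\n", reassembly_allowed_lax(consecutive, 3), reassembly_allowed_strict(consecutive, 3));
    printf("PN gap:      lax=%d strict=%d\n", reassembly_allowed_lax(pn_gap, 2), reassembly_allowed_strict(pn_gap, 2));
    return 0;
}
```

The PN-gap set passes the lax check and fails the strict one, which is the difference a corrected receiver has to enforce before reassembling a frame.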
Defensive priority
Medium. Prioritize patching if affected SCALANCE units are reachable over Wi‑Fi, carry sensitive data, or cannot be isolated quickly; otherwise apply compensating controls while planning the firmware update.
Recommended defensive actions
- Upgrade affected Siemens SCALANCE devices to V6.6.0 or later, as directed in the vendor advisory.
- Reduce Wi‑Fi transmission power where practical and place devices in physically controlled areas to limit exposure within radio range.
- Inventory the listed SCALANCE models and confirm firmware versions; prioritize any unit running below 6.6.0.
- Review whether sensitive traffic depends on wireless confidentiality controls in these deployments and minimize reliance on exposed Wi‑Fi paths.
- Use compensating defense-in-depth measures from CISA guidance while remediation is being scheduled.
Evidence notes
The source corpus contains a notable inconsistency: the CVE description text mentions Samsung Galaxy S3 i9305 4.4.4 devices, while the CISA CSAF advisory, Siemens references, product list, and remediation all identify Siemens SCALANCE W7xx wireless products and a firmware fix at version 6.6.0 or later. This debrief follows the advisory/product evidence in the supplied corpus. Published and modified dates used here are the CVE/advisory dates supplied with the source data: 2026-04-14 and 2026-04-21.
Official resources
- CVE-2020-26146 CVE record (CVE.org)
- CVE-2020-26146 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
CISA published the advisory on 2026-04-14 and republished it on 2026-04-21 based on Siemens ProductCERT SSA-019200. No KEV listing is present in the supplied corpus.