All Wifi Devices Can Be Attacked by FragAttacks Vulnerabilities
Three of these errors are due to the Wi-Fi 802.11 standard design in frame aggregation and frame fragmentation affecting most devices, while others are due to programming in Wifi products. .
'Tests indicate that every Wifi product is affected by at least one vulnerability, and most products are affected by several vulnerabilities.
The discovered vulnerabilities affect all modern Wi-Fi security protocols, including WPA3. Even Wifi's native security protocol, known as WEP, is affected.
This means that some of the newly discovered design flaws have existed since its release in 1997' – information security expert Vanhoef.
Attackers who abuse these design flaws must be within Wi-Fi range of the devices they want to attack in order to steal sensitive user data and execute malicious code.
Impact of the FragAttacks vulnerability
Fortunately, the Vanhoef expert discovered additional 'design flaws that are difficult to abuse because doing so requires user interaction or is only possible when using uncommon network settings'.
The programming flaws behind some FragAttacks vulnerabilities are trivial to exploit, however, they can allow attackers to easily abuse unpatched Wifi products.
FragAttacks CVE related to Wifi design flaws include:
- CVE-2020-24588
- CVE-2020-24587
- CVE-2020-24586
The Wi-Fi implementation vulnerabilities are assigned the following CVEs:
- CVE-2020-26145
- CVE-2020-26144
- CVE-2020-26140
- CVE-2020-26143
Other implementation errors detected by Vanhoef include:
- CVE-2020-26139
- CVE-2020-26147
- CVE-2020-26142
- CVE-2020-26141
The researcher also made a video showing how attackers can take over an unpatched Windows 7 system inside the target's local network.
Security updates have been released by several vendors
The Industry Association for the Advancement of the Internet (ICASI) says vendors are developing patches for their products to mitigate FragAttacks.
Cisco Systems, HPE / Aruba Networks, Juniper Networks, Sierra Wireless, and Microsoft have released FragAttacks security updates and advisory.
These security updates are all monitored by ICASI and the Wifi Alliance.
The Wifi Alliance said: 'There is no evidence that the vulnerabilities are maliciously used to target Wifi users, and the risks are reduced through periodic device updates when significant traffic is detected. suspect or improve compliance with the recommended security implementation'.
Additionally, Wifi Alliance notes that Wifi users should ensure they have installed the latest recommended updates from device manufacturers.
Minimize FragAttacks
If your device vendor hasn't released a security update to address the FragAttacks errors, there are still ways to reduce vulnerability:
- Make sure all websites and online services you visit use HTTPS
- Use the strongest, unique password
- Do not visit the dark web
Over the past four years, Vanhoef has also discovered KRACK and Dragonblood attacks, which allow attackers to observe encrypted network traffic exchanged between connected Wifi devices, crack Wifi network passwords. , spoofing web traffic by injecting malicious packets and stealing sensitive information.
You should read it
- What are FragAttacks? how to protect your WiFi device from FragAttacks
- Wi-Fi Vulnerability Leads to FragAttacks Attacks
- Learn about WPA3, the latest WiFi security standard today
- The new WPA3 WiFi standard was officially released
- What is a WiFi Karma attack?
- Discover new ways to hack WPA3 protected WiFi passwords
- Difference between WiFi 5, WiFi 6 and WiFi 6E
- What is the newly announced WPA3 WiFi security protocol?
- What is WiFi 6E? How is WiFi 6E different from WiFi 6?
- What is WiFi 6? What is WiFi 6E? Things you need to know about WiFi 6 and WiFi 6E
- WiFi error when connecting to a special network name that can be used to hack iPhone
- KRACK attack breaks down the WPA2 WiFi protocol