All Wifi Devices Can Be Attacked by FragAttacks Vulnerabilities

Three of these errors are due to the Wi-Fi 802.11 standard design in frame aggregation and frame fragmentation affecting most devices, while others are due to programming in Wifi products. .

'Tests indicate that every Wifi product is affected by at least one vulnerability, and most products are affected by several vulnerabilities.

The discovered vulnerabilities affect all modern Wi-Fi security protocols, including WPA3. Even Wifi's native security protocol, known as WEP, is affected.

This means that some of the newly discovered design flaws have existed since its release in 1997' – information security expert Vanhoef.

Attackers who abuse these design flaws must be within Wi-Fi range of the devices they want to attack in order to steal sensitive user data and execute malicious code.

Impact of the FragAttacks vulnerability

Fortunately, the Vanhoef expert discovered additional 'design flaws that are difficult to abuse because doing so requires user interaction or is only possible when using uncommon network settings'.

The programming flaws behind some FragAttacks vulnerabilities are trivial to exploit, however, they can allow attackers to easily abuse unpatched Wifi products.

FragAttacks CVE related to Wifi design flaws include:

1. CVE-2020-24588
2. CVE-2020-24587
3. CVE-2020-24586

The Wi-Fi implementation vulnerabilities are assigned the following CVEs:

1. CVE-2020-26145
2. CVE-2020-26144
3. CVE-2020-26140
4. CVE-2020-26143

Other implementation errors detected by Vanhoef include:

1. CVE-2020-26139
2. CVE-2020-26147
3. CVE-2020-26142
4. CVE-2020-26141

The researcher also made a video showing how attackers can take over an unpatched Windows 7 system inside the target's local network.

Security updates have been released by several vendors

The Industry Association for the Advancement of the Internet (ICASI) says vendors are developing patches for their products to mitigate FragAttacks.

Cisco Systems, HPE / Aruba Networks, Juniper Networks, Sierra Wireless, and Microsoft have released FragAttacks security updates and advisory.

These security updates are all monitored by ICASI and the Wifi Alliance.

The Wifi Alliance said: 'There is no evidence that the vulnerabilities are maliciously used to target Wifi users, and the risks are reduced through periodic device updates when significant traffic is detected. suspect or improve compliance with the recommended security implementation'.

Additionally, Wifi Alliance notes that Wifi users should ensure they have installed the latest recommended updates from device manufacturers.

Minimize FragAttacks

If your device vendor hasn't released a security update to address the FragAttacks errors, there are still ways to reduce vulnerability:

1. Make sure all websites and online services you visit use HTTPS
2. Use the strongest, unique password
3. Do not visit the dark web

Over the past four years, Vanhoef has also discovered KRACK and Dragonblood attacks, which allow attackers to observe encrypted network traffic exchanged between connected Wifi devices, crack Wifi network passwords. , spoofing web traffic by injecting malicious packets and stealing sensitive information.

Marvin Fry

Update 13 May 2021