All Wifi Devices Can Be Attacked by FragAttacks Vulnerabilities

New York University security researcher Mathy Vanhoef discovered FragAttacks - a collection of Wifi security vulnerabilities. FragAttacks is affecting all Wifi devices such as computers, smartphones and smart devices since 1997.

Three of these errors are due to the Wi-Fi 802.11 standard design in frame aggregation and frame fragmentation affecting most devices, while others are due to programming in Wifi products. .

All Wifi Devices Can Be Attacked by FragAttacks Vulnerabilities Picture 1 All Wifi Devices Can Be Attacked by FragAttacks Vulnerabilities Picture 1

'Tests indicate that every Wifi product is affected by at least one vulnerability, and most products are affected by several vulnerabilities.

The discovered vulnerabilities affect all modern Wi-Fi security protocols, including WPA3. Even Wifi's native security protocol, known as WEP, is affected.

This means that some of the newly discovered design flaws have existed since its release in 1997' – information security expert Vanhoef.

Attackers who abuse these design flaws must be within Wi-Fi range of the devices they want to attack in order to steal sensitive user data and execute malicious code.

Impact of the FragAttacks vulnerability

Fortunately, the Vanhoef expert discovered additional 'design flaws that are difficult to abuse because doing so requires user interaction or is only possible when using uncommon network settings'.

The programming flaws behind some FragAttacks vulnerabilities are trivial to exploit, however, they can allow attackers to easily abuse unpatched Wifi products.

FragAttacks CVE related to Wifi design flaws include:

CVE-2020-24588
CVE-2020-24587
CVE-2020-24586

The Wi-Fi implementation vulnerabilities are assigned the following CVEs:

CVE-2020-26145
CVE-2020-26144
CVE-2020-26140
CVE-2020-26143

Other implementation errors detected by Vanhoef include:

CVE-2020-26139
CVE-2020-26147
CVE-2020-26142
CVE-2020-26141

The researcher also made a video showing how attackers can take over an unpatched Windows 7 system inside the target's local network.

Security updates have been released by several vendors

The Industry Association for the Advancement of the Internet (ICASI) says vendors are developing patches for their products to mitigate FragAttacks.

Cisco Systems, HPE / Aruba Networks, Juniper Networks, Sierra Wireless, and Microsoft have released FragAttacks security updates and advisory.

These security updates are all monitored by ICASI and the Wifi Alliance.

The Wifi Alliance said: 'There is no evidence that the vulnerabilities are maliciously used to target Wifi users, and the risks are reduced through periodic device updates when significant traffic is detected. suspect or improve compliance with the recommended security implementation'.

Additionally, Wifi Alliance notes that Wifi users should ensure they have installed the latest recommended updates from device manufacturers.

Minimize FragAttacks

If your device vendor hasn't released a security update to address the FragAttacks errors, there are still ways to reduce vulnerability:

Make sure all websites and online services you visit use HTTPS
Use the strongest, unique password
Do not visit the dark web

Over the past four years, Vanhoef has also discovered KRACK and Dragonblood attacks, which allow attackers to observe encrypted network traffic exchanged between connected Wifi devices, crack Wifi network passwords. , spoofing web traffic by injecting malicious packets and stealing sensitive information.