A security researcher is known for pointing out WiFi security flaws discovered another vulnerability. The newly discovered vulnerabilities are called “fragile attacks” and are widespread because they are derived from the WiFi standard. Some of these bugs date back to 1997. Although there are some additional vulnerabilities due to programming errors in WiFi products, and these vulnerabilities affect all WiFi devices, Belgian security researcher Mathy Vanhoef wrote on his blog.
In theory, if these vulnerabilities are exploited, these vulnerabilities will allow an attacker in range to steal user information or attack computers. However, since the attack requires user interaction or unusual network settings, there should be little chance that the flaw will be abused.
Vanhoef explained how they work and explained that certain flaws can be used to inject “easy plain text frames” into a protected Wi-Fi network, and some accept “added plain text frames that look like handshake messages.” The researchers noted that by tricking victims into using malicious DNS servers to intercept traffic, Vanhoef found that two of the four home routers tested were affected by this vulnerability, as well as some IoT devices and some smartphones.
Other vulnerabilities are related to the process of destroying WiFi standards and then reassembling data packets on the network. Attackers can steal data by injecting their own malicious code during this operation. Vanhoef has uploaded a demo of the flaw, including step-by-step instructions on the fragmentation attack, which you can see below.
Like his previous discoveries (including “Krak Attack” in 2017), Vanhoef shared his findings with the Wi-Fi Alliance. For the past nine months, the organization has been working with equipment vendors to resolve these deficiencies.
As a result, some patches have been released or are in the process of being released. According to network security news site The Record, Microsoft has resolved 3 of the 12 bugs that affect Windows systems in a patch released on March 9. According to reports from ZDNet, patches for the Linux kernel are also taking place on the entire release system.
According to data from the Internet Security Improvement Industry Alliance (ICASI), companies such as Cisco, Juniper Networks, Sierra Wireless, and HPE / Aruba Networks have also started developing patches to mitigate vulnerabilities. You can check if your device has received patches for 12 vulnerable attacks by checking its firmware changelog and looking for updates related to the CVE identifier listed on the ICASI website. However, if you are still unsure, Vanhoef recommends accessing the site over a secure HTTPS connection.
Wi-Fi Alliance said: “There is no evidence that the vulnerability has been used maliciously against Wi-Fi users, and these issues can be mitigated with regular device updates that can detect suspicious transmissions or improve recommended security practices. Level compliance “.