Recently, a whole raft of security flaws has been found that impact all Wi-Fi devices, including smart phones, IoT devices, and personal computers going back as far as 1997. This unfortunately means that almost every Wi-Fi device in use today is vulnerable.

Collectively, the attacks associated with these issues have been dubbed FragAttacks.

Mathy Vanhoef, of the University of Abu Dhabi, and the researcher who discovered FragAttacks had this to say about them:

"Experiments indicate that every Wi-Fi product is affected by at least one vulnerability and that most products are affected by several vulnerabilities.

The discovered vulnerabilities affect all modern security protocols of Wi-Fi, including the latest WPA3 specification. Even the original security protocol of Wi-Fi, called WEP, is affected. This means that several of the newly discovered design flaws have been part of Wi-Fi since its release in 1997!"

If there's a silver lining to be had, it lies in the fact that an attacker needs to be within the Wi-Fi range of the device targeted in order to execute the attack and either inject malicious code or steal sensitive data. However, if the attacker is in range, it's entirely possible for him to take complete control of the target device.

Vanhoef also notes that the flaws are somewhat difficult to abuse because they rely on network settings not commonly used, which, combined with the first point does offer a measure of protection.

Nonetheless, this is about as serious as it gets, but fortunately, vendors are already in the process of developing patches to address the issues.

The patches are being tracked as follows:

  • CVE-2020-24588
  • CVE-2020-24587
  • CVE-2020-24586
  • CVE-2020-26145
  • CVE-2020-26144
  • CVE-2020-26140
  • CVE-2020-26143
  • CVE-2020-26139
  • CVE-2020-26146
  • CVE-2020-26147
  • CVE-2020-26142
  • CVE-2020-26141

Finally, note that there's no evidence at this point that any of these attacks are being used in the wild. Even so, these flaws represent a serious point of weakness. Until patches are developed and deployed, researchers recommend disabling fragmentation, disabling pairwise rekeys and disabling dynamic fragmentation in Wi-Fi 6 (802.11ax) devices.

 


 

Would you like to be a Power User? Sign up for "The Fix" our Mac Tips and Tricks newsletter here.
If you have any questions you can reach The MacGuys+ at 763-331-6227 or schedule an on-site visit here
 Mac IT for the Minneapolis, St. Paul, Twin Cities Metro, and Western WI Area! Nation Wide Work Anyplace Mac IT Support.

Used with permission from Article Aggregator