Multiple vulnerabilities have been disclosed in the IEEE 802.11 technical standard that undergirds Wi-Fi networks. They are believed to affect users broadly, with millions of devices at risk, and could enable an adversary to take control of a system and extract confidential data.
Dubbed FragAttacks (FRagmentation and AGgregation Attacks), the discovered flaws can undermine all Wi-Fi security protocols, from Wired Equivalent Privacy (WEP) to Wi-Fi Protected Access 3 (WPA3). Mathy Vanhoef, a postdoctoral researcher at New York University Abu Dhabi, has highlighted three design vulnerabilities and multiple implementation vulnerabilities that put virtually every wireless-enabled device at risk of attack.
IEEE 802.11 provides the basis for all modern devices using wireless network protocols. It allows laptops, tablets, printers, smartphones, smart speakers, and other devices to communicate with each other, and access the Internet via a Wi-Fi router.
Introduced in January 2018, WPA3 is the third-generation security protocol implemented in most Wi-Fi devices built on the IEEE 802.11 standard. It has robust authentication and increased cryptographic strength to shield wireless computer networks. Despite this, FragAttacks has proven dangerous for wireless security, as Vanhoef's discovery affirms.
“An adversary that is within radio range of a victim can abuse these vulnerabilities to steal user information or attack devices,” said Mathy Vanhoef. “Experiments indicate that every Wi-Fi product is affected by at least one vulnerability and that most products are affected by several vulnerabilities,” he added. He created a dedicated site, ‘Fragattacks’, where the issue is explained in detail.
According to the research, the design or hardware-level flaws are not easy to abuse; it is the programming mistakes that are quite easy to exploit. “In experiments on more than 75 devices, all of them were vulnerable to one or more of the discovered attacks,” Vanhoef said. As the research further explains, the weaknesses stem from widespread programming mistakes in implementations of the standard. It also found that some of these flaws date back to 1997, more than two decades ago.
The vulnerabilities have to do with the way the standard fragments and aggregates frames. Threat actors can spoof arbitrary packets and trick a victim into using a malicious DNS server, or forge frames to siphon data.
In his research paper, Vanhoef explained, “If network packets can be injected towards a client, this can be abused to trick the client into using a malicious DNS server.” He added, “If network packets can be injected towards an [access point], the adversary can abuse this to bypass the NAT/firewall and directly connect to any device in the local network.”
This is not the first time Vanhoef has demonstrated severe flaws in the Wi-Fi standard. In 2017 he disclosed KRACKs (Key Reinstallation AttACKs) in the WPA2 protocol. That research was also alarming: it showed how attackers could read sensitive information and steal credit card numbers, passwords, messages, and other data.
On a brighter note, the FragAttacks design flaws are not easy to exploit. Exploiting them requires user interaction or is only possible when uncommon network settings are in use. The findings of Vanhoef’s research have been shared with the Wi-Fi Alliance.
The Wi-Fi Alliance has claimed that none of the vulnerabilities have yet been maliciously used against Wi-Fi users. “There is no evidence of exploitation of these vulnerabilities, and routine device updates can mitigate these issues as it can help in detection of suspect transmissions or improve adherence to recommended security implementation practices,” the Wi-Fi Alliance said.
Some vendors have already delivered security updates. For example, Microsoft has rolled out updates for Windows 10, Windows 8.1 and Windows 7 that contain patches for these vulnerabilities. Similarly, Wi-Fi router maker Netgear has published a security advisory related to FragAttacks. It has also issued guidance on updates for its products, which users should install without further delay.
But the page notes that these “vulnerabilities can be used to withdraw data without your knowledge and can lead to other exploits.”