FragAttack: Attack on WLAN devices

Sicherheit (Pexels, allgemeine Nutzung)[German]German BSI and security researchers has issued a warning because a vulnerability called FRAGAttack allows millions of WLAN devices to be attacked locally. The vulnerability affects all WLAN standards (up to WPA3). Fortunately, this vulnerability can only be attacked if the attacker is in the WLAN’s reception range. Here is some information about FRAGAttack.


Advertising

From the German BSI (Federal Office for Information Security) there is the following warning via tweet about the vulnerability called FRAGAttack (fragmentation and aggregation attacks). Security researchers published their findings on numerous WLAN vulnerabilities that can affect both WLAN routers and the devices connected to them on May 11, 2021. An attacker within range of a victim’s WLAN wireless network can abuse these vulnerabilities to steal user information or attack devices.

FRAGAttack

Three of the discovered vulnerabilities are design flaws in the Wi-Fi standard and therefore affect most devices. The BSI writes that, based on the current state of affairs, it can be assumed that some of these vulnerabilities are design-related (due to the Wi-Fi standard) and can be exploited across manufacturers.

In addition, several other vulnerabilities have been discovered that are due to widespread programming errors in Wi-Fi products. Experiments show that every Wi-Fi product is affected by at least one vulnerability and that most products are affected by multiple vulnerabilities. The encryption technology used (WPA, WPA2, WPA3) also plays no role in attacks. Furthermore, the security researchers state that every WLAN device they tested is affected by at least one of the vulnerabilities mentioned.

(Source: YouTube)


Advertising

The video above demonstrates the exploitability of the vulnerabilities. A detailed description of the vulnerabilities and threat scenarios can be found on this website. Manufacturers informed in advance by the discoverers have been given the opportunity to check the facts and provide patches if necessary. Currently, the BSI has no information on which devices are affected by which vulnerabilities or whether patches have been/will be released.

The vulnerabilities are difficult to exploit and require an attacker to be near a WLAN. The CVEs assigned to the vulnerabilities have a severity level between 4.8 and 6.5. In other words, there is currently nothing to do but wait and hope that manufacturers provide firmware updates for their devices.


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *