[German]Another small addendum from the end of March 2023. Security researchers have discovered a serious design weakness in the IEEE 802.11 WiFi protocol standard. This weakness could allow attackers to eavesdrop on WLAN access points and transmit network frames in plain text. This could, for example, inject malicious JavaScript commands into the network packets. It is an academic finding, and there is no evidence yet that this flaw is being exploited.
Advertising
Security researchers found that n queues buffered WiFi frames are not sufficiently protected against attackers. These could eavesdrop on the data transmission by means of client spoofing and manipulate it via frame redirection. The colleagues from Bleeping Computer picked up on this in this article (see the following tweet).
The technical details are described in the PDF document Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues by security researchers Domien Schepers and Aanjhan Ranganathan (both Northeastern University) and Mathy Vanhoef (imec-DistriNet, KU Leuven).
Advertising