Compet Concept


APT actors use authentication bypass techniques and Pulse Secure Zero-Day

Fragmentation and aggregation attacks - or frag attacks - refer to a set of design flaws and programming vulnerabilities affecting Wi-Fi devices. Recent studies have shown that any attacker within radio range of a target can potentially exploit these vulnerabilities.

Research shows that the programming-related vulnerabilities pose a greater risk, while the design flaws may prove more difficult to exploit because they require user interaction or unusual network settings. Unfortunately, these vulnerabilities affect all modern Wi-Fi security protocols, from today's latest WPA3 all the way back to WEP from 1997. This means that a variety of devices have likely had similar vulnerabilities for many years.

Given the improved security protocols for Wi-Fi products over the years, these vulnerabilities came as a surprise. In fact, researchers revealed that the bugs stemmed from some of the earliest Wi-Fi protocols in the mid-1990s. The programming errors, however, exist in all mobile devices.

Once an attacker gets close to a mobile device user, they may be able to exploit the programming vulnerabilities by injecting plaintext frames into a protected Wi-Fi network. Since certain devices trust plaintext aggregated frames that look like handshake messages, many users could fall victim to such an attack. Hackers could then intercept traffic to that device by tricking the target into using a malicious DNS server. Research further showed that this vulnerability affected two out of four home routers tested, as well as several IoT devices and various smartphones.
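The receive-side decision described above can be modelled in a few lines. This is an added illustration, not code from the research or from any vendor: `RxFrame`, `weak_accept`, `strict_accept` and `audit` are hypothetical names, the frames are constructed samples, and the strict policy is one assumed way to close the gap.

```python
from dataclasses import dataclass

# RFC 1042 LLC/SNAP header followed by the EAPOL EtherType 0x888E:
# the first payload bytes of a genuine handshake message.
EAPOL_LLC_SNAP = bytes.fromhex("aaaa03000000888e")
IPV4_LLC_SNAP = bytes.fromhex("aaaa030000000800")

@dataclass
class RxFrame:  # hypothetical, already-parsed 802.11 data frame
    protected: bool  # Protected Frame bit set (body was encrypted)
    amsdu: bool      # A-MSDU Present bit set (body is an aggregate)
    payload: bytes   # frame body after the 802.11 header

def looks_like_eapol(frame: RxFrame) -> bool:
    return frame.payload.startswith(EAPOL_LLC_SNAP)

def weak_accept(frame: RxFrame) -> bool:
    """Flawed rule: any plaintext body that starts like EAPOL is let through."""
    return frame.protected or looks_like_eapol(frame)

def strict_accept(frame: RxFrame, keys_installed: bool) -> bool:
    """Plaintext is allowed only for a non-aggregated EAPOL frame, and only
    before the pairwise keys are installed (assumed policy for this model)."""
    if frame.protected:
        return True
    return looks_like_eapol(frame) and not frame.amsdu and not keys_installed

# Constructed samples: (label, frame, keys_installed)
SAMPLES = [
    ("encrypted data", RxFrame(True, False, b"\x00" * 16), True),
    ("initial handshake message",
     RxFrame(False, False, EAPOL_LLC_SNAP + b"\x02\x03"), False),
    ("plaintext aggregate posing as handshake",
     RxFrame(False, True, EAPOL_LLC_SNAP + b"\x00" * 24), True),
    ("plaintext data", RxFrame(False, False, IPV4_LLC_SNAP + b"\x00" * 20), True),
]

def audit(samples):
    """Return labels of frames the weak rule accepts but the strict rule drops."""
    return [label for label, frame, keyed in samples
            if weak_accept(frame) and not strict_accept(frame, keyed)]

if __name__ == "__main__":
    print(audit(SAMPLES))
```

Only the plaintext aggregate is flagged: the weak rule looks at the leading bytes alone, while the strict rule also checks the aggregation flag and whether keys are already in place.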

Other identified vulnerabilities concern how the Wi-Fi standard segments and reassembles network packets: by injecting malicious code during this transition process, an attacker can extract data.

Since becoming aware of these vulnerabilities, the Wi-Fi Alliance has been working with device manufacturers for the past nine months to mitigate these issues. At this point, Microsoft has fixed three of the 12 bugs affecting Windows systems via patches released on March 9th. A corresponding patch for the Linux kernel is expected next.

In addition, the Industry Consortium for the Advancement of Security (ICASI) reported online that Cisco, HPE/Aruba Networks and Sierra Wireless have started developing patches to fix the vulnerabilities.

For now, users can verify that their mobile devices have initiated the required updates by examining the firmware change logs for the relevant CVE listed on the ICASI website. Users who want an alternative security option can ensure that they always visit websites using the HTTPS protocol.