Newly discovered vulnerabilities in all Wi-Fi-enabled devices going back to 1997 allow an attacker to steal data if they are in range.
Found by security researcher Mathy Vanhoef and first published by The Record Tuesday, the vulnerabilities are collectively being called “FragAttacks.” Three of the vulnerabilities are design flaws in the Wi-Fi standard and affect most devices, while the remaining vulnerabilities are the result of programming mistakes in Wi-Fi products.
Exploiting the vulnerabilities can allow an attacker within radio range to target devices in a number of ways. In one example, an attacker could inject plaintext frames into any secure Wi-Fi network. In another example, an attacker could intercept traffic by tricking the victim into using a malicious DNS server.
Vanhoef notes that experiments indicate that at least one vulnerability can be found in every Wi-Fi product and that most products are affected by several vulnerabilities. He tested devices with Wi-Fi including smartphones from Google LLC, Apple Inc., Samsung Electronics Co. Ltd. and Huawei Technologies Co. Ltd.; computers from Micro-Star International Co. Ltd., Dell Technologies Inc. and Apple; IoT devices from Canon Inc. and Xiaomi Inc.; routers from D-Link Corp., Linksys and ASUSTek Computer Inc.; and access points from Cisco Systems Inc., Aruba Networks and Lancom Systems GmbH.
There’s no evidence that the vulnerabilities have been exploited in the wild. Addressing the report, the Wi-Fi Alliance said that the vulnerabilities are mitigated through routine device updates that enable detection of suspect transmissions or improve adherence to recommended security implementation practices.
“FragAttacks is a textbook example of how software can have both design vulnerabilities and implementation vulnerabilities,” Jonathan Knudsen, senior security strategist at electronic design automation company Synopsys Inc.’s Software Integrity Group, told SiliconANGLE. “To minimize risk, software must be created with a process that emphasizes security every step of the way.”
“Before anyone fires up a code editor, the design phase needs to include secure design principles driven by threat modeling,” Knudsen explained. “During implementation and testing, automated security testing tools help locate security vulnerabilities so that they can be fixed before release.”
Knudsen added that the software for Wi-Fi protocols presents special challenges because it is so deeply embedded in so many devices. “As with any other publicly disclosed vulnerabilities, the best defense is updating the affected software, probably network device drivers, as soon as mitigations are available,” he said.
Photo: Shaunleeyh/Wikimedia Commons