FragAttacks

From HandWiki
Revision as of 23:39, 6 February 2024 by LinuxGuru (talk | contribs) (fixing)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
FragAttacks
CVE identifier(s)CVE-2020-24588,

CVE-2020-24587,
CVE-2020-24586,
CVE-2020-26145,
CVE-2020-26144,
CVE-2020-26140,
CVE-2020-26143,
CVE-2020-26139,
CVE-2020-26146,
CVE-2020-26147,
CVE-2020-26142,

CVE-2020-26141
DiscovererMathy Vanhoef

FragAttacks, or fragmentation and aggregation attacks, are a group of Wi-Fi vulnerabilities discovered by security research Mathy Vanhoef.[1] Since the vulnerabilities are design flaws in the Wi-Fi standard, any device released after 1997 could be vulnerable.[1] The attack can be executed without special privileges.[2] The attack was detailed on August 5, 2021 at Black Hat Briefings USA and at later at the USENIX 30th Security Symposium, where recordings are shared publicly.[3][4] The attack does not leave any trace in the network logs.[5]

Patches

Vanhoef worked with the Wi-Fi Alliance to help vendors issue patches.[3]

Microsoft started issuing patches for Windows 7 through Windows 10 on May 11, 2021.[6]

References

  1. 1.0 1.1 "Most Wi-Fi Devices Released Since 1997 Are Vulnerable to FragAttacks" (in en). https://www.pcmag.com/news/most-wi-fi-devices-released-since-1997-are-vulnerable-to-fragattacks. 
  2. "Decades-Old 'Frag Attack' Flaws Affect Almost Every Wi-Fi Device" (in en-US). Wired. ISSN 1059-1028. https://www.wired.com/story/frag-attack-wi-fi-vulnerabilities. Retrieved 2021-06-22. 
  3. 3.0 3.1 "FragAttacks Foil 2 Decades of Wireless Security" (in en). 2021-08-06. https://www.darkreading.com/iot/fragattacks-foil-2-decades-of-wireless-security/d/d-id/1341595. 
  4. Vanhoef, Mathy (2021) (in en). Fragment and Forge: Breaking {Wi-Fi} Through Frame Aggregation and Fragmentation. pp. 161–178. ISBN 978-1-939133-24-3. https://www.usenix.org/conference/usenixsecurity21/presentation/vanhoef. 
  5. "Why We Need to Raise the Red Flag Against FragAttacks" (in en). 2021-07-13. https://www.darkreading.com/attacks-breaches/why-we-need-to-raise-the-red-flag-against-fragattacks/a/d-id/1341485. 
  6. "Update Windows (and Lots of Other Stuff) ASAP: 'FragAttack' Bugs Found Lurking in Millions of Wifi Devices" (in en-us). 12 May 2021. https://gizmodo.com/update-windows-and-lots-of-other-stuff-asap-fragatta-1846878065. 

External links




Retrieved from "https://handwiki.org/wiki/index.php?title=FragAttacks&oldid=3388410"