| CVE identifiers | CVE-2020-24588, CVE-2020-24587, |
|---|---|
| Discoverer | Mathy Vanhoef |
FragAttacks, or fragmentation and aggregation attacks, are a group of Wi-Fi vulnerabilities discovered by security researcher Mathy Vanhoef.1 Since the vulnerabilities are design flaws in the Wi-Fi standard, any device released after 1997 could be vulnerable.1 The attack can be executed without special privileges.2 The attack was detailed in August 2021 at Black Hat Briefings USA and later at the USENIX 30th Security Symposium, where recordings are shared publicly.34 The attack does not leave any trace in the network logs.5
Patches
Vanhoef worked with the Wi-Fi Alliance to help vendors issue patches.3
Microsoft started issuing patches for Windows 7 through Windows 10 on May 11, 2021.6
References
References
- "Most Wi-Fi Devices Released Since 1997 Are Vulnerable to FragAttacks". PCMAG. Retrieved 2021-05-13.
- "Decades-Old 'Frag Attack' Flaws Affect Almost Every Wi-Fi Device". Wired. ISSN 1059-1028. Retrieved 2021-06-22.
- "FragAttacks Foil 2 Decades of Wireless Security". Dark Reading. 2021-08-06. Retrieved 2021-12-25.
- Vanhoef, Mathy (2021). Fragment and Forge: Breaking {Wi-Fi} Through Frame Aggregation and Fragmentation. pp. 161–178. ISBN 978-1-939133-24-3.
- "Why We Need to Raise the Red Flag Against FragAttacks". Dark Reading. 2021-07-13. Retrieved 2021-12-25.
- "Update Windows (and Lots of Other Stuff) ASAP: 'FragAttack' Bugs Found Lurking in Millions of Wifi Devices". Gizmodo. 12 May 2021. Retrieved 2021-06-22.
External links
External links