fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

All Wi-Fi Devices Impacted By New FragAttacks Vulnerabilities

All Wi-Fi Devices Impacted By New FragAttacks Vulnerabilities

Newly discovered Wi-Fi security vulnerabilities collectively known as FragAttacks (fragmentation and aggregation attacks) are impacting all Wi-Fi devices (including computers, smartphones, and smart devices) going back as far as 1997.

Three of these bugs are Wi-Fi 802.11 standard design flaws in the frame aggregation and frame fragmentation functionalities affecting most devices, while others are programing mistakes in Wi-Fi products.

“Experiments indicate that every Wi-Fi product is affected by at least one vulnerability and that most products are affected by several vulnerabilities,” security researcher Mathy Vanhoef (New York University Abu Dhabi), who discovered the FragAttacks bugs, said.

“The discovered vulnerabilities affect all modern security protocols of Wi-Fi, including the latest WPA3 specification. Even the original security protocol of Wi-Fi, called WEP, is affected.

“This means that several of the newly discovered design flaws have been part of Wi-Fi since its release in 1997!,” Vanhoef added.

Attackers abusing these design and implementation flaws have to be in the Wi-Fi range of targeted devices to steal sensitive user data and execute malicious code following successful exploitation, potentially leading to full device takeover.

FragAttacks vulnerabilities’ impact

Luckily, as Vanhoef further found, “the design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings.”

Also Read: Compliance Course Singapore: Spotlight On The 3 Offerings

However, the programming mistakes behind some of the FragAttacks vulnerabilities are trivial to exploit and would allow attackers to abuse unpatched Wi-Fi products with ease.

FragAttacks CVEs associated with Wi-Fi design flaws include:

  • CVE-2020-24588: aggregation attack (accepting non-SPP A-MSDU frames).
  • CVE-2020-24587: mixed key attack (reassembling fragments encrypted under different keys).
  • CVE-2020-24586: fragment cache attack (not clearing fragments from memory when (re)connecting to a network).

Wi-Fi implementation vulnerabilities were assigned the following CVEs:

  • CVE-2020-26145: Accepting plaintext broadcast fragments as full frames (in an encrypted network).
  • CVE-2020-26144: Accepting plaintext A-MSDU frames that start with an RFC1042 header with EtherType EAPOL (in an encrypted network).
  • CVE-2020-26140: Accepting plaintext data frames in a protected network.
  • CVE-2020-26143: Accepting fragmented plaintext data frames in a protected network.

Other implementation flaws discovered by Vanhoef include:

  • CVE-2020-26139: Forwarding EAPOL frames even though the sender is not yet authenticated (should only affect APs).
  • CVE-2020-26146: Reassembling encrypted fragments with non-consecutive packet numbers.
  • CVE-2020-26147: Reassembling mixed encrypted/plaintext fragments.
  • CVE-2020-26142: Processing fragmented frames as full frames.
  • CVE-2020-26141: Not verifying the TKIP MIC of fragmented frames.

The researcher also made a video demo demonstrating how attackers could take over an unpatched Windows 7 system inside a target’s local network.

Security updates already released by some vendors

The Industry Consortium for Advancement of Security on the Internet (ICASI) says that vendors are developing patches for their product to mitigate the FragAttacks bugs.

Cisco SystemsHPE/Aruba NetworksJuniper NetworksSierra Wireless, and Microsoft [123] have already published FragAttacks security updates and advisories.

These security updates have been prepared during a 9-month-long coordinated disclosure process supervised by ICASI and the Wi-Fi Alliance.

“There is no evidence of the vulnerabilities being used against Wi-Fi users maliciously, and these issues are mitigated through routine device updates that enable detection of suspect transmissions or improve adherence to recommended security implementation practices,” the Wi-Fi Alliance said.

“As always, Wi-Fi users should ensure they have installed the latest recommended updates from device manufacturers.”

Also Read: Considering Enterprise Risk Management Certification Singapore? Here Are 7 Best Outcomes

FragAttacks mitigation

If your device vendor hasn’t yet released security updates addressing the FragAttacks bugs, you can still mitigate some of the attacks.

This can be done by ensuring that all websites and online services you visit use Hypertext Transfer Protocol Secure (HTTPS) protocol (by installing the HTTPS Everywhere web browser extension, for instance.)

Additional mitigation advice available on the FragAttacks website suggests “disabling fragmentation, disabling pairwise rekeys, and disabling dynamic fragmentation in Wi-Fi 6 (802.11ax) devices.”

An open-source tool to determine if access points and Wi-Fi clients on your network are affected by the FragAttacks flaws is also available on GitHub.

FragAttacks technical details are available in Vanhoef’s “Fragment and Forge: Breaking Wi-Fi ThroughFrame Aggregation and Fragmentation” research paper.

During the last four years, Vanhoef also discovered the KRACK and Dragonblood attacks allowing attackers to observe the encrypted network traffic exchanged between connected Wi-Fi devices, crack Wi-Fi network passwords, forge web traffic by injecting malicious packets and steal sensitive information.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us