Wi-Fi connections are now commonplace at home, at work, and even when we’re out in public, but unfortunately, they are all vulnerable to newly discovered FragAttacks (fragmentation and aggregation attacks).
As The Record reports, FragAttacks are a collection of vulnerabilities discovered by well-known Belgian security researcher Mathy Vanhoef, who has gone into detail about how they work on his FragAttacks website. The bad news is that every Wi-Fi device released since 1997 is potentially vulnerable, due to a perfect storm of flaws both in the Wi-Fi standard and in Wi-Fi products.
As a test, Vanhoef tried FragAttacks on 75 devices and every single one of them was vulnerable. He also pre-recorded a 12-minute talk discussing FragAttacks for USENIX Security ’21, taking place in August.
As Vanhoef explains, “Three of the discovered vulnerabilities are design flaws in the Wi-Fi standard and therefore affect most devices. On top of this, several other vulnerabilities were discovered that are caused by widespread programming mistakes in Wi-Fi products. Experiments indicate that every Wi-Fi product is affected by at least one vulnerability and that most products are affected by several vulnerabilities.”
It doesn’t matter if your device is using the original WEP security protocol or the latest WPA3 spec. The vulnerabilities were discovered in older sections of the Wi-Fi protocol, and those sections have never been updated or improved, so they are present on all devices. The good news is that the design flaws are hard to exploit, as they require user interaction. The programming mistakes, however, are trivial to take advantage of.
More good news is that nine months have been spent coordinating disclosure of the vulnerabilities under the supervision of the Wi-Fi Alliance and the Industry Consortium for Advancement of Security (ICASI), and security updates have been prepared. It’s now up to device makers to implement the updates and release new firmware. That’s no small task considering how many different types of device have been released over the past 24 years. So far, Cisco, HPE/Aruba, and Sierra Wireless have released patches, and other vendors are expected to follow in the coming weeks.
Until devices are patched, Vanhoef recommends a few measures you can take to protect yourself. Top of the list is simply to check that the websites you visit use HTTPS, which is easily done with the HTTPS Everywhere plugin offered by the EFF. Then there’s the usual advice: keep all your devices updated, don’t reuse passwords, use a good security suite, and keep regular backups of your data. Then just wait and hope your Wi-Fi device manufacturer(s) release patches soon.