Multiple bugs were detected to be present in the WIFI standards and therefore is likely to affect all the devices that were manufactured using those WIFI standards. These bugs were detected by a researcher in Belgium and they were named FragAttacks (fragmentation and aggregation attacks).
The discovery-
The researcher stated that some of these bugs dated back to 1997 which affect smartphones, computers, and other smart devices.
- If the device is present in the radio range of the attacker, then their devices can be taken over and the information of the owner can be stolen.
- The researcher found that all of the 75 devices he tested were vulnerable to at least on of the discovered attacks.
- These vulnerabilities were tracked as CVE-2020-24588, CVE-2020-24587, and CVE-2020-24586.
- Along with these, another chunk of flaw was discovered known as implementation flaw, which are present in the way WIFI devices are implemented.
How these bugs can be exploited?
The attackers have numerous ways to exploit these vulnerabilities. The vulnerabilities are linked to the processes WiFi standard breaks and reassembles network packets. This enables the attackers to steal data by injection of malicious code during the operation.
Conclusion-
The prevention of exploitation of the devices is possible by updating the devices frequently, using proper passwords, and backing up the important data. DNS servers should be configured manually to stop the poisoning attacks. Use of HTTP is also recommended.
