Mathy Vanhoef, a security expert from Belgium, has found vulnerabilities in the WiFi standard itself that could compromise all devices sold in the last 24 years.
The WiFi networks They have been with us for so long that we practically do not even remember how long they have been there, but what we can tell you is since when WiFi has been compromising the security of our devices, and is that a Belgian researcher has discovered a series of vulnerabilities that they date back to 1997. Yes friends, 24 years ago no less …
It’s about some flaws in the WiFi standard itself that they explained to us from The Record, and that the security expert Mathy Vanhoef has referred to as Frag Attacks confirming that these types of attacks are actually quite dangerous.
In fact, it is that an attacker within the range of the WiFi network could not only collect owner information from other devices, but also run malicious code or malware directly on the device, be it a PC or a smartphone, and even any other smart device.
A Belgian expert has discovered important vulnerabilities in WiFi standards that affect millions of devices, in fact practically all those sold with this connectivity in the last 24 years.
The shards are to blame, and the patches are already on the way
According to Mathy Vanhoef himself, it seems that three of the discovered vulnerabilities directly affect the WiFi standard and their operating architectures, while the others are behind programming errors in the implementation of the standard in the devices.
In fact, attacks targeting these vulnerabilities call them Frag Attacks precisely because they use the way they the WiFi standard “breaks” data packets and reassembles them later, allowing a third party to insert malicious code alongside data legitimate during this operation.
We know at least that the WiFi Alliance is on track and working on patches that remedy these security flaws, although the Belgian expert wanted to be as transparent as possible:
Our experiments indicate that all WiFi products are affected by at least one vulnerability, and that most products are affected by multiple ‘Frag Attack’ vulnerabilities.
They further confirm that the WiFi Alliance has been working for several months to improve the security of the standard, and that firmware updates have been sent to various manufacturers to correct these vulnerabilities. They also indicate that other patches are coming soon to complete the resolution of all the bugs found.
For now, you can check the latest updates of your routers and devices to see if these 12 Frag Attacks have been patched or not, looking for references to the codes of all these vulnerabilities reported:
WiFi standard design flaws: CVE-2020-24588 CVE-2020-24587 CVE-2020-24586 WiFi standard implementation flaws: CVE-2020-26145 CVE-2020-26144 CVE-2020-26140 CVE-2020-26143 Other implementation flaws: CVE-2020 -26139CVE-2020-26146CVE-2020-26147CVE-2020-26142CVE-2020-26141
The best part comes when Mathy Vanhoef explains that these vulnerabilities exist and are dangerous, but certainly not so easy to exploit as some of them even need user interaction.
In addition, it explains that the most basic protection against problems of this type is always access the Internet through HTTPS connections, something that by the definition of the protocol would already prevent these attacks and therefore the execution of code.
You know, on the Internet you are never safe, so be careful and use secure connections!
Related topics: Technology