Jump to content

FragAttacks

From Wikipedia, the free encyclopedia
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
FragAttacks
CVE identifier(s)CVE-2020-24588,

CVE-2020-24587,
CVE-2020-24586,
CVE-2020-26145,
CVE-2020-26144,
CVE-2020-26140,
CVE-2020-26143,
CVE-2020-26139,
CVE-2020-26146,
CVE-2020-26147,
CVE-2020-26142,

CVE-2020-26141
DiscovererMathy Vanhoef

FragAttacks, or fragmentation and aggregation attacks, are a group of Wi-Fi vulnerabilities discovered by security research Mathy Vanhoef.[1] Since the vulnerabilities are design flaws in the Wi-Fi standard, any device released after 1997 could be vulnerable.[1] The attack can be executed without special privileges.[2] The attack was detailed on August 5, 2021 at Black Hat Briefings USA and at later at the USENIX 30th Security Symposium, where recordings are shared publicly.[3][4] The attack does not leave any trace in the network logs.[5]

FragAttacks demonstration by Mathy Vanhoef

Patches

Vanhoef worked with the Wi-Fi Alliance to help vendors issue patches.[3]

Microsoft started issuing patches for Windows 7 through Windows 10 on May 11, 2021.[6]

References