IMPORTANT NOTICE FragAttacks Wi-Fi Vulnerability

12 May 2021

We have been made aware by the Wifi Alliance about a new set of Wifi vulnerabilities, called “FragAttacks”. This is not a Wifi Manufacturer problem, but an issue for the whole industry concerning all devices that use the 802.11 Wi-Fi protocol.

IT Hospitality is closely following with the manufacturers to make sure that fixes will be shared as soon as possible to have all hardware updated.

Find below details and clarifications :

Description

On May 11, 2021, the Wi-Fi Alliance (WFA) revealed a new set of Wi-Fi vulnerabilities called the FragAttacks.

This is a collection of 12 Common Vulnerabilities and Exposures (CVEs) as described in this paper by Mathy Vanhoef of New York University Abu Dhabi. This is the same researcher who previously discovered the KRACK and Dragonblood vulnerabilities. In FragAttacks, some attacks exploit both design flaws in the IEEE 802.11 Wi-Fi protocol (i.e. the design of the original protocol in the standard) and the implementation flaws (i.e. how vendors chose to implement the protocol), while the remaining attacks exploit only the implementation flaws.

Impact

All devices that use the 802.11 Wi-Fi protocol are susceptible to the FragAttacks vulnerability. These vulnerabilities may be exploited by an attacker using a man-in-the-middle (MITM) attack to exfiltrate data from the network.

All Wi-Fi Access Points (APs) and Wi-Fi client devices across our industry, including RUCKUS APs, are susceptible to the FragAttacks vulnerability.

This vulnerability does NOT impact IT Hospitality WIFI networks.

We are actively engaged with all Wi-Fi Manufacturers to identify affected products and assess methods of remediation.

Fixes

IT Hospitality will download software fixes for this vulnerability from Wifi Manufacturers. Both Wi-Fi access points and the Wi-Fi client devices must be patched to fix the vulnerability. 802.11ax (Wi-Fi 6) and 802.11ac Wave 2 APs will be fixed first as a priority.

Legacy APs (802.11ac Wave 1 and earlier) will receive fixes once available.

Resources

Central Resource center for all collateral related to FragAttacks – Central Resource Center
Security Bulletin and Software patches – support site

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

IMPORTANT NOTICE FragAttacks Wi-Fi Vulnerability

Recent Posts

01

Kennedy Ombok joins IT Hospitality Group as Regional Development Manager for East Africa.

10

Linda Costandi joins IT Hospitality Group

IMPORTANT NOTICE FragAttacks Wi-Fi Vulnerability

SHARE

Recent Posts

01

Kennedy Ombok joins IT Hospitality Group as Regional Development Manager for East Africa.

10

Linda Costandi joins IT Hospitality Group