FragAttack: Security Flaws in all Wi-Fi devices

In the last few days, more and more articles about vulnerabilities in the Wifi area have appeared. These FragAttacks (fragmentation and aggregation attacks) which is a collection of new security vulnerabilities affects Wi-Fi devices from different vendors.

heise.de: FragAttacks: Neue Angriffe gefährden nahezu alle WLAN-Geräte (German article)

There is a separate web page with more information about this attack:
https://www.fragattacks.com/

On this page we collect information from our vendors so that you can react accordingly and provide information to affected customers.

Alcatel-Lucent

Advisory: OmniAccess Stellar 802.11 Frame Aggregation and Fragmentation Vulnerabilities

The Stellar AP’s are affected from the CVE-2020-24588 (medium) and the Wifi 5 AP’s additionally from the CVE-2020-26146 (medium).

Our team is working on the patch (will take a few more weeks to patch).

As a best practice, we continue to actively recommend Rogue AP Detection/Protection (WIDS/WIPS) to more strongly counter the Man in the Middle attack until the patch is available.

Additionally, using the new authentication standards WPA3 (with PMF) as well as certificate-based authentication will help.

Fortinet

PSIRT: Multiple Products – Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification (FragAttacks)
https://www.fortiguard.com/psirt/FG-IR-21-071

WatchGuard

KB Article: WatchGuard Wi-Fi products and the FragAttacks vulnerabilities
Blog: WiFi FragAttacks

Watchguard will provide updates for the following products:

• Firebox with build-in WLAN
• APs managed by a Firebox (Gateway Wireless Controller)
• APs managed by the Wi-Fi Cloud

As soon as the above updates are ready, Watchguard will inform customers and partners.

Best practices:

• Update firmware as soon as ready
• Make sure that https is used
• Use WIPS https://www.watchguard.com/de/wgrd-products/access-points/wips