In the last few days, more and more articles about vulnerabilities in the Wifi area have appeared. These FragAttacks (fragmentation and aggregation attacks) which is a collection of new security vulnerabilities affects Wi-Fi devices from different vendors.
heise.de: FragAttacks: Neue Angriffe gefährden nahezu alle WLAN-Geräte (German article)
There is a separate web page with more information about this attack:
On this page we collect information from our vendors so that you can react accordingly and provide information to affected customers.
The Stellar AP’s are affected from the CVE-2020-24588 (medium) and the Wifi 5 AP’s additionally from the CVE-2020-26146 (medium).
Our team is working on the patch (will take a few more weeks to patch).
As a best practice, we continue to actively recommend Rogue AP Detection/Protection (WIDS/WIPS) to more strongly counter the Man in the Middle attack until the patch is available.
Additionally, using the new authentication standards WPA3 (with PMF) as well as certificate-based authentication will help.
PSIRT: Multiple Products – Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification (FragAttacks)
Watchguard will provide updates for the following products:
- Firebox with build-in WLAN
- APs managed by a Firebox (Gateway Wireless Controller)
- APs managed by the Wi-Fi Cloud
As soon as the above updates are ready, Watchguard will inform customers and partners.
- Update firmware as soon as ready
- Make sure that https is used
- Use WIPS https://www.watchguard.com/de/wgrd-products/access-points/wips