Security Alert (A21-05-09): Multiple Vulnerabilities in Wi-Fi devices


 

Published on: 13 May 2021

Description:

Multiple vulnerabilities are found in Wi-Fi devices that use Wi-Fi 802.11 standard. An attacker within range of a Wi-Fi network could inject the specially crafted frame to exploit the vulnerabilities.

 

Affected Systems:

  • All devices that use Wi-Fi 802.11 standard

 

Impact:

Depending on the vulnerability exploited, a successful attack could lead to remote code execution, DNS poisoning, information disclosure, security feature bypass and take control of the devices behind the affected Wi-Fi network.

 

Recommendation:

The vulnerabilities are fixed in some of the product vendors such as Cisco and Intel. The below list is not exhaustive and system administrators should check with their product vendors to confirm if their devices are affected and the availability of patches. System administrators should apply the patches or follow the recommendations provided by the product vendors to mitigate the risk.

  • Cisco Systems
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu
  • HPE/Aruba Networks
    https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-011.txt
  • Intel
    https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
  • Juniper Networks
    https://kb.juniper.net/JSA11170
  • Linksys
    https://www.linksys.com/us/support-article/?articleNum=246427#ff
  • Microsoft
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-24587
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-24588
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-26144
  • Netgear
    https://kb.netgear.com/000063666/Security-Advisory-for-Fragment-and-Forge-vulnerabilities-on-some-WiFi-capable-devices-PSV-2021-0014-PSV-2021-0080
  • Sierra Wireless
    https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2021-003.ashx

To mitigate the risk of being compromised by the vulnerabilities, users should ensure that an additional layer of encryption, such as TLS and VPN, is enforced when using Wi-Fi network for transmission of classified information.

 

More Information:

  • https://www.fragattacks.com/
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24586 (to CVE-2020-24588)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26139 (to CVE-2020-26147)


Tag: Wi-Fi
Tags