IMPORTANT NOTICE FragAttacks Wi-Fi Vulnerability

We have been made aware by the Wifi Alliance about a new set of Wifi vulnerabilities, called “FragAttacks”. This is not a Wifi Manufacturer problem, but an issue for the whole industry concerning all devices that use the 802.11 Wi-Fi protocol.

IT Hospitality is closely following with the manufacturers to make sure that fixes will be shared as soon as possible to have all hardware updated.

Find below details and clarifications :  

Description 

On May 11, 2021, the Wi-Fi Alliance (WFA) revealed a new set of Wi-Fi vulnerabilities called the FragAttacks.  

This is a collection of 12 Common Vulnerabilities and Exposures (CVEs) as described in this paper by Mathy Vanhoef of New York University Abu Dhabi. This is the same researcher who previously discovered the KRACK and Dragonblood vulnerabilities. In FragAttacks, some attacks exploit both design flaws in the IEEE 802.11 Wi-Fi protocol (i.e. the design of the original protocol in the standard) and the implementation flaws (i.e. how vendors chose to implement the protocol), while the remaining attacks exploit only the implementation flaws.

Impact 

All devices that use the 802.11 Wi-Fi protocol are susceptible to the FragAttacks vulnerability. These vulnerabilities may be exploited by an attacker using a man-in-the-middle (MITM) attack to exfiltrate data from the network.   

All Wi-Fi Access Points (APs) and Wi-Fi client devices across our industry, including RUCKUS APs, are susceptible to the FragAttacks vulnerability.  

This vulnerability does NOT impact IT Hospitality WIFI networks.

We are actively engaged with all Wi-Fi Manufacturers to identify affected products and assess methods of remediation.   

Fixes 

IT Hospitality will download software fixes for this vulnerability from Wifi Manufacturers. Both Wi-Fi access points and the Wi-Fi client devices must be patched to fix the vulnerability. 802.11ax (Wi-Fi 6) and 802.11ac Wave 2 APs will be fixed first as a priority.

Legacy APs (802.11ac Wave 1 and earlier) will receive fixes once available. 

Resources 

  1. Central Resource center for all collateral related to FragAttacks – Central Resource Center
  2. Security Bulletin and Software patches  – support site
SHARE

Recent Posts

HSG Holding acquires leading MEA region technology integration company — IT Hospitality Group — as it rolls out its long-term investment plans focused on the hospitality industry

HSG Holding has acquired IT Hospitality Group in a definitive agreement which launches its rollout of investments in the global hospitality industry Hospitality Industry. This acquisition will enable the IT Hospitality Group’s management to better support its increased market expansion across the region, establish new offices, and bring more services to its clients.    Casablanca […]

Read More

Kennedy Ombok joins IT Hospitality Group as Regional Development Manager for East Africa.

IT Hospitality Group, the preferred system integrator for International Hotel Chains in Middle East & Africa….

Read More
Request a call back