Threat Management

Network traffic hijacking facilitated by WiFi protocol vulnerability

Threat actors could leverage a new security vulnerability in the IEEE 802.11 WiFi protocol standard to facilitate network frame leaks in plaintext, reports BleepingComputer. Queued or buffered Wi-Fi network frames had insufficient protections, enabling data transmission, client impersonation, capturing, and frame redirection, which could be made possible by the MacStealer information-stealing malware, a report from Northeastern University and imec-DistriNet, KU Leuven revealed. "Our attacks have a widespread impact as they affect various devices and operating systems (Linux, FreeBSD, iOS, and Android) and because they can be used to hijack TCP connections or intercept client and web traffic," said researchers, who noted that certain Asus, Aruba, Cisco, D-Link, and Lancom network devices are vulnerable to the exploit. Cisco has admitted that its Wireless Access Point and Meraki offerings with wireless functionality could be compromised by the attacks but overall security is likely to be impacted by retrieved frames. Several mitigation measures have been recommended, including the adoption of policy enforcement mechanisms in the Cisco Identity Services Engine. "Cisco also recommends implementing transport layer security to encrypt data in transit whenever possible because it would render the acquired data unusable by the attacker," said Cisco.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.