In wireless Wi-Fi networks found a serious vulnerability

Cybersecurity experts have discovereda dangerous vulnerability in the basic Wi-Fi standard known as IEEE 802.11 and in existence since 1997. It allows attackers to intercept data transmitted over a wireless connection.

The problem lies in the mechanisms of energy saving,allowing Wi-Fi connected devices to save power by buffering or queuing frames destined for idle gadgets. When switching to this mode, the device sends the appropriate command to the router. After that, all frames intended for it are queued. Once the instrument wakes up, the access point dequeues buffered frames, applies encryption, and sends them to their destination. And it is precisely in this process that attackers can intervene.

The authors of the study created an application forcalled MacStealer, which allows you to manually put a device connected to the network into standby mode by queuing the frames transmitted to it. After that, a potential hacker can change the security context of the frames, forcing the router to transmit the accumulated data in plain text or encrypt it using its own key. After that, a command is sent to wake up the target device, and the attacker can intercept the information in a format accessible to him. In addition, malicious code can be injected into TCP packets in the same way.

The vulnerability was found on various models of routers from different brands, including Lancom, Aruba, Cisco, ASUS and D-Link. By the way, Cisco has already confirmed the reality of this threat.

Source: mathyvanhoef