🏠 Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeiträge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden Überblick über die wichtigsten Aspekte der IT-Sicherheit in einer sich ständig verändernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch übersetzen, erst Englisch auswählen dann wieder Deutsch!

Google Android Playstore Download Button für Team IT Security

800+ IT News als RSS Feed abonnieren

Thema auswählen:

📚 Attackers Could Exploit Flaw in WiFi Protocol to Hijack TCP Connections

🕛 Zeit seit Veröffentlichung: 379 Tage, 4 Stunden 59 Minuten
📆 Veröffentlicht am: 29.03.2023 um 10:55 Uhr
💡 Newskategorie: Hacking
🔗 Quelle: blackhatethicalhacking.com

Attackers Could Exploit Flaw in WiFi Protocol to Hijack TCP Connections

Post Views: 2

Premium Content

Subscribe to Patreon to watch this episode.

Reading Time: 3 Minutes

Vulnerability in the IEEE 802.11 WiFi protocol standard

Cybersecurity researchers have found a significant vulnerability in the IEEE 802.11 WiFi protocol standard, which can be exploited by hackers to trick access points into leaking network frames in plaintext form. WiFi frames are data containers that contain information such as the source and destination MAC address, control, and management data. The researchers discovered that queued or buffered frames are not adequately protected from attackers, who can manipulate data transmission, client spoofing, frame redirection, and capturing.

See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses

Power-saving flaw

The IEEE 802.11 standard includes power-save mechanisms that allow WiFi devices to conserve power by buffering or queuing frames destined for sleeping devices. However, the standard does not provide explicit guidance on managing the security of these queued frames and does not set limitations on how long the frames can stay in this state. An attacker can spoof the MAC address of a device on the network and send power-saving frames to access points, forcing them to start queuing frames destined for the target.

Attack diagram

Attack diagram (papers.mathyvanhoef.com)

The researchers warn that these attacks could be used to inject malicious content, such as JavaScript, into TCP packets.

Devices tested by the analysts

Tested devices found vulnerable (papers.mathyvanhoef.com)

The flaw impacts devices and operating systems across various models, including Cisco, Asus, D-Link, and Aruba. While no instances of malicious use have been reported, experts warn that attackers could exploit the vulnerability to inject malicious content, such as JavaScript, into TCP packets, which could be used to exploit vulnerabilities in a victim’s browser

Cisco acknowledges vulnerability

Cisco has acknowledged the vulnerability and recommends mitigation measures, including implementing policy enforcement mechanisms and transport layer security.

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: info@blackhatethicalhacking.com

Source: bleepingcomputer.com

Source Link