"WiFi Protocol Flaw Allows Attackers to Hijack Network Traffic"

Cybersecurity researchers have found a security vulnerability in the design of the IEEE 802.11 WiFi protocol standard that could allow attackers to deceive access points into leaking network frames in plaintext form. WiFi frames are data containers composed of a header, data payload, and trailer containing information such as the source and destination MAC address, control, and management data. These frames are ordered in queues and are sent in a controlled way to prevent collisions and optimize data exchange performance by monitoring the busy/idle conditions of the receiving points. The researchers discovered that queued/buffered frames are inadequately protected against adversaries, who can manipulate data transmission as well as carry out client spoofing, frame redirection, and capturing. According to the technical paper published by Domien Schepers and Aanjhan Ranganathan of Northeastern University, and Mathy Vanhoef of imec-DistriNet, KU Leuven, their attacks have a wide-reaching impact because they affect a variety of devices and operating systems, including Linux, FreeBSD, iOS, and Android, and can be used to hijack TCP connections or intercept client and web traffic. This article continues to discuss the security flaw in the design of the IEEE 802.11 WiFi protocol standard.

Bleeping Computer reports "WiFi Protocol Flaw Allows Attackers to Hijack Network Traffic"