Partner Program
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them.
IntegrationsSync with an abundant number of out-of-the-box integrations.
HiveForce LabsStrategic intelligence and operational expertise to ensure comprehensive security readiness at all levels.
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Data Sheets
Whitepapers
Press Releases
connect
Webinars & Videos
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoStart Free Trial
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them.
IntegrationsSync with an abundant number of out-of-the-box integrations.
HiveForce LabsStrategic intelligence and operational expertise to ensure comprehensive security readiness at all levels.
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Data Sheets
Whitepapers
Press Releases
connect
Webinars & Videos
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoStart Free Trial

FragAttacks – Allowing adversaries to steal data by intercepting vulnerable network traffic from Wi-Fi devices

Threat Level – Amber | Vulnerability Report
Download PDF

For a detailed advisory, download the pdf file here.

Multiple vulnerabilities aka FragAttacks(fragmentation and aggregation attacks) have been found in Wi-Fi devices that makes most of the smartphones, servers, and operating systems susceptible to these. These vulnerabilities not only affect the latest Wi-Fi security protocol WPA3 but also affects the oldest protocol namely WEP which was released in 1997. Researchers have found 3 different types of flaws which includes Design Flaws( CVE-2020-24588, CVE-2020-24587, CVE-2020-24586), Implementation vulnerabilities that allow the trivial injection (CVE-2020-26145, CVE-2020-26144, CVE-2020-26140, CVE-2020-26143) and other implementation flaws (CVE-2020-26139,CVE-2020-26146,CVE-2020-26147,CVE-2020-26142,CVE-2020-26141)

Vulnerability Details

For details, please refer to the pdf version of the advisory here

Patch Link

https://github.com/vanhoefm/fragattacks/blob/master/ADVISORIES.md
References

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox