cisco-sa-wifi-faf-22epcEWu: Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021

First published: Tue May 11 2021(Updated: )

On May 11, 2021, the research paper Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation was made public. This paper discusses 12 vulnerabilities in the 802.11 standard. One vulnerability is in the frame aggregation functionality, two vulnerabilities are in the frame fragmentation functionality, and the other nine are implementation vulnerabilities. These vulnerabilities could allow an attacker to forge encrypted frames, which could in turn enable the exfiltration of sensitive data from a targeted device. This advisory will be updated as additional information becomes available. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu

Credit: These vulnerabilities were reported to Cisco by Dr. Mathy Vanhoef New York University Abu Dhabisupport during the handling these vulnerabilities

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/author
• agent/type
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• collector/cisco-advisory
• source/Cisco
• agent/trending
• agent/severity
• agent/references
• agent/title
• agent/description
• agent/source
• agent/softwarecombine
• agent/tags
• agent/guess-ai
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• vendor/cisco
• canonical/cisco products