Wi-Fi Alliance® Discloses FragAttacks

The Wi-Fi Alliance® shared that security researchers identified vulnerabilities in Wi-Fi devices. The vulnerability is called, FragAttacks. CommScope’s Vice President of Information Security blogs about simple steps to ensure protection and additional information for customers.

Since its introduction in 1997, Wi-Fi researchers have found various vulnerabilities that could be the target of potential hacker attacks, and the industry has always found ways to manage them.

Today, Wi-Fi Alliance® shared that security researchers identified new vulnerabilities in Wi-Fi devices. The vulnerability is called FragAttacks and it is a so-called Man-In-The-Middle (MITM) vulnerability that relates to the way internet traffic is sent between Wi-Fi access points and user devices. It’s important to note that there is presently no evidence of the vulnerabilities being used against Wi-Fi users maliciously and these issues are mitigated through routine device updates once updated firmware becomes available.

Like many previous vulnerabilities, FragAttacks has been academically well-researched and responsibly reported in a manner allowing the industry to proactively prepare and begin to roll out updates that fully eliminate the vulnerabilities. This set of vulnerabilities requires a potential attacker to be physically within range of the Wi-Fi network (or user device) in order to exploit it. This significantly reduces the likelihood of actual exploitation or attack.

What else can you do to better secure your network and help mitigate the risk of any vulnerability? Here are a few simple tips.

  • Keep your devices up-to-date: FragAttacks and many other potential issues are easily mitigated through routine device updates, always update IoT and personal computing devices (PCs, mobile phones, tablets) to the latest software
  • Change up your password(s): Update and/or change default passwords on home networking IoT devices (e.g., smart home devices, smart security, surveillance cameras, and routers).
  • Secure It: Keep anti-virus and anti-malware software updated on personal computing devices. When browsing the internet or using online services look for an encrypted connection, which often resembles a padlock in the browser and the website will start with ‘https’.

By taking those simple steps, you can be better protected against the FragAttacks vulnerability and many others. To learn more about FragAttacks, CommScope’s counter-measures and the most updated patch release information, visit:

  • If you use ARRIS SURFboard Wi-Fi routers or gateways, go to the ARRIS Consumer Product Support site for more information.
  • If you are a customer of RUCKUS enterprise Wi-Fi products, please visit the FragAttacks Central Resource Center for more information, including an article by Jim Palmer.  

CommScope is in the process of providing patches to service providers. If you are a user of a Wi-Fi device provided by your Service Provider, then your service provider will be making these available once fully tested.