SA-2023-046 - Framing Frames: Bypassing Wi-Fi Encr... - Extreme Networks

Summary

Attackers can manipulate the power save state during a client association attempt. This causes the buffered SA-Query/SA-Response mechanism to timeout, allowing the AP to accept the attacker's association attempt and drop the victim client.

Products Potentially Affected

OS/Product	Exposure
IQ Engine (HiveOS)	Yes
Extreme Wireless (IdentiFi)	Yes
WiNG	Yes

Repair Recommendations

Wi-Fi systems should be used with WIPS, like ADSP. ADSP has MAC Spoof Activity Observed alarm which can identify the adversary.

Please see the full security advisory article here for more details and updates.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)

GTM-P2G8KFN

Extreme Networks

SA-2023-046 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Denial of

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)