New paper about wireless technologies vulnerability (BREAK)

mMontana
mMontana Posts: 1,421  Guru Member
50 Answers 1000 Comments Friend Collector Fifth Anniversary
in Wireless

According to a news from Northeastern University, a paper has been published regarding an intrinsic wireless standar vulnerability that can be exploited for gaining access to wireless networks.

Five italian security researchers are signing the paper.

link to the article
https://news.northeastern.edu/2025/01/09/wifi-security-vulnerability-research/

link to the paper
https://mentis.info/wp-content/uploads/2025/01/INFOCOM2025_BREAK_2025.pdf

According to the paper, in May the final verison will be presented at London IEEE INFOCOM

Seems that security issues even in 2025 won't have a BREAK. dmnd.

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,872  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi users,

    The BREAK attack reveals a severe vulnerability in the Wi-Fi MU-MIMO protocol. The attacker eavesdrops on the MU-MIMO feedback from other STAs (which is transmitted in plaintext) and then crafts malicious feedback to manipulate the AP’s precoding, thereby reducing the overall network throughput.

    Unfortunately, solving this vulnerability may require an update to the Wi-Fi standard itself. We have already reported our concern to our chipset vendor and will continue to monitor IEEE's countermeasures and fixes for this technical vulnerability.

  • mMontana
    mMontana Posts: 1,421  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary

    In wifi communications this kind of vulerability is close to the Spectre-Meltdown event for CPUs.

    I don't see Wifi8 coming so soon, without solving these kind of issue, and I'm waiting for a backward compatiblity-break for some features in the future.

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,872  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @mMontana ,

    We are waiting for the chipset vendor to provide a solution before we can implement a fix.

    By the way, could you explain what you mean by "a backward compatibility break"?

  • mMontana
    mMontana Posts: 1,421  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary

    AFAIK, even latest 802.11be AP (WiFi7) can communicate with 802.11a network card, if the security protocols are managed/allowed on both sides.

    How much time will it last? Not so much…

    I'm especting some future release of wireless ethernet that will break this kind of backward compatibility Wifi4 is probably the second or the first most diffused standard among all devices but I won't bat that new AP in three years will support that protocol.

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,872  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security Zyxel Certified Network Engineer Level 1 - Nebula

    Hi @mMontana ,

    Thank you for your feedback. We will continue to monitor and assess this vulnerability.

Categories

Wireless Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)