Domien Schepers and Aanjhan Ranganathan of Northeastern University and Mathy Vanhoef of imec-DistriNet, KU Leuven, have published a paper demonstrating a flaw in the way WiFi access points handle power saving requests to and from devices. This could enable a threat actor to manipulate the WiFi frames passing between devices and allow the possibility of injecting, for instance, malicious Java script code.
Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues | USENIX
This is not a real world (yet) just research – your take away from this should be to check the security of all the WiFi access points on your network. Do they need patching? We often find these gateways to client networks have been neglected when it comes to updates.
Clive Catton MSc (Cyber Security) – by-line and other articles
References
Schepers, D., Ranganathan, A., & Vanhoef, M. Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues.
