Support Announcements
Regarding D-Link Products and FragAttack WiFi Vulnerability Disclosure...

 

 

 

Overview

 

On May 11, 2021, D-Link became aware of the public disclosure of "FragAttack", a collection of security vulnerabilities that affect Wi-Fi devices.
 
D-Link is investigating these reported security issues and if any D-Link Brand WiFi products are affected by these vulnerable.

 

The Industry Consortium for Advancement of Security on the Internet (ICASI) recently disclosed this collection of security vulnerabilities called FragAttacks (fragmentation and aggregation attacks) affecting Wi-Fi devices. Some vulnerabilities are widespread design flaws in the Wi-Fi standard or widespread programming mistakes in Wi-Fi products. Three of the reported vulnerabilities require additional actions by the attacker and receiver, including a man-in-the-middle attack to intercept the user’s wireless signal. As we investigate, D-Link understands, much of these attacks have dependances to attempt or are difficult to implement in a production environments.

 

The CVSS score for FragAttacks have been rated as medium severity.
 
D-Link takes the issues of network security and user privacy very seriously. We have a dedicated task force and product management team on call to address evolving security issues and implement appropriate security measures. Please check the D-Link website for updates regularly.
 

Report

 

        - FragAttack Public Disclosure Website :: Link

 

         

Details / Response

 

Product Categories
Model Families Affected Models Recommendation Updated
WiFi Devices Sold by D-Link US WiFi Devices Sold by D-Link US Under Investigation Pending 05/14/2021

 

Regarding Security patch for your D-Link Devices

 

Meanwhile, as D-Link iinvestigates and determines which D-Link devices are potentially affected, we recommends that Wi-Fi device owners regularly check their devices are updated to the latest firmware. D-Link also always advise users to connect to HTTPS websites (Link), use strong, complex  credentials for computer access and WiFi connections. For further protection, we recommend using VPN service, Anti-Virus tools, and understand connecting to the internet should be done under Zero-Trust Guidelines (Link).