The IEEE 802.11 WiFi protocol standard has a fundamental security weakness that allows attackers to deceive access points into exposing network frames in plaintext, according to cybersecurity researchers. WiFi frames are data packets made up of a header, data payload, and trailer that contain data like the MAC addresses of the source and destination as well as control and management information.
By keeping track of the busy/idle states of the receiving points, these frames are broadcast in a regulated manner to prevent collisions and to maximise data exchange performance. Queued/buffered frames are not sufficiently protected from adversaries, who can control data delivery, client spoofing, frame redirection, and capturing, according to the researchers.