Wi-Fi underpins modern connectivity across consumer electronics, vehicles and critical home infrastructure, making weaknesses in its implementation a systemic risk. Recent research into MediaTek Wi-Fi chipsets exposes how design shortcuts in authentication logic and frame handling can undermine long-standing trust assumptions. By abusing flaws in frame injection, key validation and management frame parsing, nearby attackers can bypass network access controls and, in some cases, execute code without knowing a Wi-Fi passphrase. Understanding how these failures occur is essential to reducing exposure across IoT and embedded environments and strengthening defensive development practices.

This session, led by Wei Che Kao, security researcher at DEVCORE, will cover:

• Wi-Fi architecture and attack surfaces across firmware and kernel layers;
• Authentication bypass through frame injection and key validation flaws;
• Exploitation of management frame parsing and buffer handling errors.