New Research Warns 6 GHz Wi-Fi Security Flaws Could Disrupt Critical Infrastructure
What happened
Researchers from Pennsylvania State University and Idaho National Laboratory have identified security weaknesses in Automated Frequency Coordination (AFC), the system responsible for managing 6 GHz Wi-Fi spectrum and preventing interference with critical communications infrastructure.
The findings will be presented at Black Hat USA 2026 by researchers Yilu Dong and Tianchang Yang, who argue that AFC systems place too much trust in external data sources such as GPS, Global Navigation Satellite System (GNSS) signals, DNS responses, Network Time Protocol (NTP), and Wi-Fi-based location data.
According to the researchers, attackers could manipulate these inputs to provide false location or timing information to Wi-Fi access points. This could result in incorrect frequency and power assignments, potentially interfering with protected radio services or preventing legitimate devices from operating on the 6 GHz spectrum.
In a separate proof-of-concept demonstration, the research team also showed that implementation flaws in some commercial AFC clients could allow attackers to impersonate AFC servers and inject forged responses. While no real-world attacks have been reported, the researchers believe these architectural weaknesses deserve immediate attention.
Who is affected
The research primarily impacts organizations deploying 6 GHz Wi-Fi networks, including enterprises, service providers, equipment manufacturers, and operators of critical infrastructure.
Industries that rely on protected spectrum, such as public safety communications, radio observatories, cellular backhaul networks, and energy infrastructure, could also face indirect risks if interference occurs. Vendors developing Wi-Fi access points and AFC-enabled devices may need to strengthen their implementations to reduce potential attack paths.
Why CISOs should care
Although the vulnerabilities have not been exploited in the wild, the research highlights how trusted external services can become unexpected attack surfaces. Rather than attacking encrypted AFC communications directly, adversaries could manipulate supporting services such as location, DNS, or time synchronization to influence system behavior.
For security leaders, this serves as another reminder that resilient infrastructure depends not only on strong encryption but also on validating the integrity of external dependencies. As organizations continue adopting newer wireless technologies, security assessments should extend beyond network traffic to include positioning systems, synchronization services, and third-party infrastructure that influence operational decisions.
3 practical actions
Review 6 GHz Wi-Fi deployments to identify where AFC-enabled devices rely on external location, DNS, and time synchronization services.
Strengthen supporting infrastructure by securing DNS and NTP services, monitoring for spoofing attempts, and validating location information where possible.
Engage with wireless vendors to understand whether AFC-related mitigations, firmware updates, or spoofing detection capabilities are available or planned.


