CVE-2023-52160/1: Hackers are already lurking in your Wi-Fi network

New vulnerabilities in wpa_supplicant and IWD call into question the security of millions of users.

In the depths of open source software, new vulnerabilities have been discovered that threaten the security of countless corporate and home Wi-Fi networks. These vulnerabilities open the door to attacks, allowing hackers to bypass authentication procedures.

Mathy Vanhoef, a professor at the Belgian university KU Leuven, and his student Héloïse Gollier, together with Top10VPN, a company specializing in testing virtual private networks, discovered two vulnerabilities at once: one in the wpa_supplicant software and another in Intel's iNet Wireless Daemon (IWD).

Professor Vanhoef himself is known for his research on Wi-Fi security, including attacks such as KRACK, Dragonblood, and FragAttacks.

wpa_supplicant, which supports the WPA, WPA2, and WPA3 standards, is used on all Android devices, most Linux devices, and the ChromeOS operating system pre-installed on Chromebooks.

The vulnerability in wpa_supplicant, designated CVE-2023-52160, can be used to attack users of corporate Wi-Fi networks. An attacker can trick a victim into connecting to a malicious Wi-Fi network, disguising himself as a legitimate corporate network, and intercept all transmitted data.

The researchers point out that exploiting the vulnerability does not require user interaction, but the attacker must be within the range of the victim's network and know the SSID of the network that the victim previously connected to.

The second vulnerability found in the iNet Wireless Daemon, identified as CVE-2023-52161, can be used to access home or small corporate Wi-Fi networks. This opens up opportunities for connecting to the Internet, attacking other devices on the network, intercepting confidential data, and spreading malware.

Researchers reported that the vulnerability allows parts of the authentication process to be skipped, allowing an attacker to connect to the network without knowing the password.


Software vendors have already been informed about the vulnerabilities. Google has released an update for ChromeOS version 118, which fixes the vulnerability, and Android users should also receive appropriate fixes soon.

For Linux, the fix is also already available, but its distribution depends on the distribution developers. Mitigation measures were also provided in the report.
 