Two recently discovered Wi-Fi authentication bypass vulnerabilities in open-source software could potentially expose numerous enterprise and home networks to attacks.
New Wi-Fi Authentication Bypass Vulnerabilities
Mathy Vanhoef, a professor at the KU Leuven research university in Belgium, and Heloise Gollier, a student at KU Leuven, collaborated with VPN testing company Top10VPN to identify the vulnerabilities. Vanhoef’s renowned research in Wi-Fi security includes discoveries such as the KRACK, Dragonblood, and FragAttacks vulnerabilities.
The recently revealed Wi-Fi authentication bypass vulnerabilities affect both the Wpa_supplicant and Intel’s iNet Wireless Daemon (IWD) software.
Wpa_supplicant, supporting WPA, WPA2, and WPA3, is integrated into all Android devices, many Linux systems, and ChromeOS on Chromebooks.
More detail about the vulnerability
The vulnerability in Wpa_supplicant, known as CVE-2023-52160, threatens users connecting to enterprise Wi-Fi networks. Exploiting this flaw, an attacker can deceive a user into joining a fake Wi-Fi network resembling a genuine enterprise setup, thereby intercepting the victim’s traffic.
“The vulnerability can be exploited against Wi-Fi clients that don’t properly verify the authentication server’s certificate, which is common, especially with ChromeOS, Linux, and Android devices,” explained the researchers in their paper on the flaws.
Exploiting the vulnerability requires no user interaction. However, the attacker must be within range of the victim and know the SSID of an enterprise network the victim has previously connected to.
The security flaw, assigned CVE-2023-52161, in IWD allows attackers to infiltrate home or small business Wi-Fi networks. This enables them to exploit the compromised Wi-Fi network for various malicious activities, including accessing the internet, launching attacks on other devices within the network, intercepting sensitive data, and distributing malware.
“The vulnerability allows attackers to bypass message 2 and 3 of the 4-way handshake, completing the authentication process without knowing the network’s password,” stated the researchers.
Affected vendors have been notified. Google has addressed the vulnerability with the release of ChromeOS 118, and fixes for Android users are forthcoming. A patch has also been provided for Linux, though its distribution to users depends on individual Linux distributions. Mitigations are also accessible.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment