Two new vulnerabilities have been identified in WiFi software affecting devices connecting to both enterprise and home networks. The wpa_supplicant vulnerability (CVE-2023-52160) impacts all Android devices, Linux distributions using the default WiFi client, and ChromeOS devices. It allows attackers to create malicious clones of trusted Enterprise WiFi networks to intercept traffic. The IWD vulnerability (CVE-2023-52161) affects Linux devices used as wireless access points, enabling unauthorized access to protected home WiFi networks. Users are advised to update their systems with the provided patches to protect against these security flaws.
CVE-2023-52160:
For a successful attack, wpa_supplicant must be configured to not verify the network’s TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication.
Well yeah, if you bypass cert verification, bad things can happen.
The other one’s pretty bad in that it doesn’t require misconfiguration, although I imagine most commercial APs don’t use iwd.
I mean, cool, I’m glad people are finding these, but I don’t think they warrant panic or anything. Both can be mitigated relatively easily without a patch.