Security News New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

[silversurfer]

Content source

https://thehackernews.com/2024/05/new-wi-fi-vulnerability-enabling.html

Researchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic.

The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on WEP, WPA3, 802.11X/EAP, and AMPE protocols.

The method "involves downgrading victims to a less secure network by spoofing a trusted network name (SSID) so they can intercept their traffic or carry out further attacks," Top10VPN said, which collaborated with KU Leuven professor and researcher Mathy Vanhoef.

"A successful SSID Confusion attack also causes any VPN with the functionality to auto-disable on trusted networks to turn itself off, leaving the victim's traffic exposed."

 

[Victor M]

This attack is not new.

 

[Trident]

I am not sure to what extent this is a problem nowadays, given that HTTP is almost fully phased out. Definitely a security risk though.

 

[ForgottenSeer 109138]

I am not sure to what extent this is a problem nowadays, given that HTTP is almost fully phased out. Definitely a security risk though.

There is not only this, but its a lot of work considering the attacker must be within range to perform an AiTM, for a targeted attack, this scenario has the risk-adjusted return factor of minimal and not likely something that would be deployed often if ever.