Security researchers Mathy Vanhoef and Héloïse Gollier, in collaboration with VPN testing company Top10VPN, have recently uncovered several critical vulnerabilities in the Wi-Fi authentication protocols used in modern WPA2/3 networks.
The identified flaws pose a significant security risk as they could potentially enable unauthorized access to sensitive data transmitted over wireless networks and compromise the security of all connected devices.
The vulnerabilities are present in two commonly used open-source Wi-Fi implementations – wpa_supplicant and Intel’s iNet Wireless Daemon (IWD).
wpa_supplicant is widely used software that offers robust support for the WPA, WPA2, and WPA3 security protocols. It is an integral part of the Android operating system and is also present in most Linux-based devices, including the ChromeOS used in Chromebooks.
iNet Wireless Daemon (IWD) is a wireless daemon designed by Intel for Linux-based devices. It offers a complete Wi-Fi connectivity solution with features such as advanced roaming, WPA/WPA2 support, and power management, and is a reliable and efficient option for wireless connectivity on Linux devices.
Two Security Flaws
As researchers were examining the system for logical implementation flaws, they came across two distinct vulnerabilities that require immediate attention. They published a research article outlining the technical weaknesses.
CVE-2023-52160 (“Phase-2 bypass”)
A security flaw has been identified in wpa_supplicant v2.10 and earlier versions, which are widely used in Android and Linux devices.
This vulnerability can be exploited by an attacker to deceive the victim into connecting to a fake Wi-Fi network set up by the adversary. Once connected, the attacker can intercept and monitor the victim’s network traffic.
Attackers can exploit the flaw against Wi-Fi clients that are not properly configured to verify the authentication server's certificate.
Such misconfigured clients are still prevalent in practice, particularly among devices that run ChromeOS, Linux, and Android.
CVE-2023-52161 (“4-way bypass”)
An exploitable vulnerability has been discovered in IWD v2.12 and earlier versions that allows an attacker to gain unauthorized access to a protected Wi-Fi network. Upon gaining access, the attacker can use the network as if they were a legitimate user.
In other words, an adversary can exploit the flaw in IWD (iNet Wireless Daemon) to gain unauthorized access to the network and the devices connected to it.
This can allow the attacker to potentially launch further attacks on the network or other clients connected to it. The only prerequisite for the attack is that the Wi-Fi network in question must be using IWD.
The researchers promptly reported both vulnerabilities to the respective vendors, and the vendors have since patched them.