Wi-Fi Vulnerability Exposes Enterprise and Home Networks to Authentication Bypass

Security researchers Mathy Vanhoef and Héloïse Gollier, in collaboration with VPN testing company Top10VPN, have recently uncovered critical vulnerabilities in the Wi-Fi authentication protocols used in modern WPA2/3 networks.

These vulnerabilities pose a significant security risk as they have the potential to enable unauthorized access to sensitive data transmitted over wireless networks and compromise the security of all connected devices.

The vulnerabilities have been identified in two commonly used open-source Wi-Fi implementations – wpa_supplicant and Intel’s iNet Wireless Daemon (IWD).

wpa_supplicant is widely used software that provides robust support for the WPA, WPA2, and WPA3 security protocols. It is an integral part of the Android operating system and is present in most Linux-based devices, including Chromebooks.

IWD is a wireless daemon designed by Intel for Linux-based devices. It offers a complete and robust Wi-Fi connectivity solution with features such as advanced roaming, WPA/WPA2 support, and power management, providing reliable and efficient wireless connectivity on Linux devices.

While examining these implementations for logical flaws, the researchers discovered two distinct vulnerabilities that require immediate attention. They have published a research article outlining the technical weaknesses.

The first vulnerability, CVE-2023-52160 (“Phase-2 bypass”), impacts wpa_supplicant v2.10 and earlier versions, which are widely used in Android and Linux devices. An attacker can exploit this flaw to deceive victims into connecting to a fake Wi-Fi network set up by the adversary. Once connected, the attacker can intercept and monitor the victim’s network traffic. This vulnerability primarily affects devices running ChromeOS, Linux, and Android.

The second vulnerability, CVE-2023-52161 (“4-way bypass”), affects IWD v2.12 and earlier versions. It allows an attacker to gain unauthorized access to a protected Wi-Fi network and use it as if they were a legitimate user. This vulnerability specifically affects networks using IWD.

The researchers promptly reported these vulnerabilities to the respective vendors, and they have been successfully patched.
