Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

New Wi-Fi Authentication Bypass Flaws Expose Home, Enterprise Networks

A couple of Wi-Fi authentication bypass vulnerabilities found in open source software can expose enterprise and home networks to attacks.

Wi-Fi attack

A couple of new Wi-Fi authentication bypass vulnerabilities found in open source software could expose many enterprise and home networks to attacks.

The vulnerabilities were discovered by Mathy Vanhoef, a professor at the KU Leuven research university in Belgium, and Heloise Gollier, a student at KU Leuven, in collaboration with VPN testing company Top10VPN. Vanhoef is well known for his research in the field of Wi-Fi security, including for the attacks named KRACK, Dragonblood, and FragAttacks.

The newly disclosed Wi-Fi authentication bypass vulnerabilities have been found in Wpa_supplicant and Intel’s iNet Wireless Daemon (IWD) software.

Wpa_supplicant, which provides support for WPA, WPA2 and WPA3, is present in all Android devices, a majority of Linux devices, and the Chromebook operating system ChromeOS. 

The vulnerability identified in Wpa_supplicant, tracked as CVE-2023-52160, can be exploited against users connecting to an enterprise Wi-Fi network. The flaw can allow an attacker to trick a targeted user into connecting to a malicious Wi-Fi network set up to mimic a legitimate enterprise network. The attacker can then intercept the victim’s traffic.

“The vulnerability can be exploited against Wi-Fi clients that are not properly configured to verify the certificate of the authentication server, which unfortunately still often occurs in practice, in particular with ChromeOS, Linux, and Android devices,” the researchers wrote in a paper describing the flaws.

No user interaction is required to exploit the vulnerability. The attacker, however, needs to be in range of the victim and know the SSID of an enterprise network the victim previously connected to. 

The security hole found in IWD is tracked as CVE-2023-52161 and it can be exploited to gain access to home or small business Wi-Fi networks. The attacker can abuse the targeted Wi-Fi network for various activities, including to connect to the internet, and attack other devices on the network. An attacker can also intercept sensitive data and deliver malware.

Advertisement. Scroll to continue reading.

“The vulnerability allows an adversary to skip message 2 and 3 of the 4-way handshake, enabling an adversary to complete the authentication process without knowing the network’s password,” the researchers said.

Impacted vendors have been informed. Google has patched the vulnerability with the release of ChromeOS 118 and Android users should have the fixes soon. A patch is also available for Linux, but it’s up to Linux distributions to deliver it to users. Mitigations are also available. 

Related: Recovering Wi-Fi Password via Dragonblood Attack Costs $1 of Computing Power

Related: Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device

Related: Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Cody Barrow has been appointed the new CEO of threat intelligence company EclecticIQ.

Shay Mowlem has been named CMO of runtime and application security company Contrast Security.

Attack detection firm Vectra AI has appointed Jeff Reed to the newly created role of Chief Product Officer.

More People On The Move

Expert Insights

Related Content

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.