Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

New Wi-Fi Authentication Bypass Flaws Expose Home, Enterprise Networks

A couple of Wi-Fi authentication bypass vulnerabilities found in open source software can expose enterprise and home networks to attacks.

Wi-Fi attack

A couple of new Wi-Fi authentication bypass vulnerabilities found in open source software could expose many enterprise and home networks to attacks.

The vulnerabilities were discovered by Mathy Vanhoef, a professor at the KU Leuven research university in Belgium, and Heloise Gollier, a student at KU Leuven, in collaboration with VPN testing company Top10VPN. Vanhoef is well known for his research in the field of Wi-Fi security, including for the attacks named KRACK, Dragonblood, and FragAttacks.

The newly disclosed Wi-Fi authentication bypass vulnerabilities have been found in Wpa_supplicant and Intel’s iNet Wireless Daemon (IWD) software.

Wpa_supplicant, which provides support for WPA, WPA2 and WPA3, is present in all Android devices, a majority of Linux devices, and the Chromebook operating system ChromeOS. 

The vulnerability identified in Wpa_supplicant, tracked as CVE-2023-52160, can be exploited against users connecting to an enterprise Wi-Fi network. The flaw can allow an attacker to trick a targeted user into connecting to a malicious Wi-Fi network set up to mimic a legitimate enterprise network. The attacker can then intercept the victim’s traffic.

“The vulnerability can be exploited against Wi-Fi clients that are not properly configured to verify the certificate of the authentication server, which unfortunately still often occurs in practice, in particular with ChromeOS, Linux, and Android devices,” the researchers wrote in a paper describing the flaws.

No user interaction is required to exploit the vulnerability. The attacker, however, needs to be in range of the victim and know the SSID of an enterprise network the victim previously connected to. 

The security hole found in IWD is tracked as CVE-2023-52161 and it can be exploited to gain access to home or small business Wi-Fi networks. The attacker can abuse the targeted Wi-Fi network for various activities, including to connect to the internet, and attack other devices on the network. An attacker can also intercept sensitive data and deliver malware.

Advertisement. Scroll to continue reading.

“The vulnerability allows an adversary to skip message 2 and 3 of the 4-way handshake, enabling an adversary to complete the authentication process without knowing the network’s password,” the researchers said.

Impacted vendors have been informed. Google has patched the vulnerability with the release of ChromeOS 118 and Android users should have the fixes soon. A patch is also available for Linux, but it’s up to Linux distributions to deliver it to users. Mitigations are also available. 

Related: Recovering Wi-Fi Password via Dragonblood Attack Costs $1 of Computing Power

Related: Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device

Related: Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights