this post was submitted on 27 Feb 2024
33 points (97.1% liked)

Two new vulnerabilities have been identified in WiFi software affecting devices connecting to both enterprise and home networks. The wpa_supplicant vulnerability (CVE-2023-52160) impacts all Android devices, Linux distributions using the default WiFi client, and ChromeOS devices. It allows attackers to create malicious clones of trusted Enterprise WiFi networks to intercept traffic. The IWD vulnerability (CVE-2023-52161) affects Linux devices used as wireless access points, enabling unauthorized access to protected home WiFi networks. Users are advised to update their systems with the provided patches to protect against these security flaws.

InEnduringGrowStrong 16 points 10 months ago

CVE-2023-52160:

For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication.

Well yea, if you bypass cert verification, bad things can happen.

The other one's pretty bad in that it doesn't require misconfiguration, although I imagine most commercial APs don't use iwd.

heavy 2 points 10 months ago

I mean, cool, I'm glad people are finding these, but I don't think they warrant panic or anything. Both can be mitigated relatively easily without a patch.