New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers

February 21, 2024 at 12:27PM

Cybersecurity researchers have discovered authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, could trick users into joining malicious networks or allow attackers to join trusted networks without a password. Fixes are available for some systems but pending for Android.

The main takeaways are:

1. Cybersecurity researchers have identified authentication bypass flaws in open-source Wi-Fi software used in Android, Linux, and ChromeOS devices, potentially exposing users to malicious network clones and unauthorized access to trusted networks.

2. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, affect wpa_supplicant and Intel’s iNet Wireless Daemon (IWD) respectively, allowing attackers to intercept traffic, gain unauthorized access, and join secured networks without passwords.

3. CVE-2023-52161 impacts IWD versions 2.12 and lower, potentially exposing protected Wi-Fi networks to malware infections, data theft, and business email compromise.

4. CVE-2023-52160 affects wpa_supplicant versions 2.10 and prior, particularly impacting Android devices. Preventing exploitation requires that the certificate of the authentication server be properly configured for the network.

5. Major Linux distributions including Debian, Red Hat, SUSE, and Ubuntu have released advisories. ChromeOS has partial fixes, and Android requires manual configuration of CA certificates for saved enterprise networks.

6. Android users are advised to manually configure the CA certificate of saved enterprise networks to mitigate the risk until a fix is made available.
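The certificate configuration described in items 4 and 6 can be checked on Linux clients that use wpa_supplicant. The following is an added example, not code from the article or from the wpa_supplicant project: it scans a `wpa_supplicant.conf` for enterprise (EAP) network blocks that set neither `ca_cert` nor `ca_path`. The sample configuration, SSIDs and file path are constructed for illustration.

```python
import re

# Constructed sample wpa_supplicant.conf, not taken from a real system.
SAMPLE_CONF = '''
network={
    ssid="corp-wifi"
    key_mgmt=WPA-EAP
    eap=PEAP
    phase2="auth=MSCHAPV2"
}
network={
    ssid="corp-secure"
    key_mgmt=WPA-EAP
    eap=PEAP
    ca_cert="/etc/ssl/certs/example-radius-ca.pem"
}
network={
    ssid="home"
    psk="constructed-passphrase"
}
'''

BLOCK_RE = re.compile(r"network\s*=\s*\{(.*?)\n\s*\}", re.S)
TRUST_KEYS = {"ca_cert", "ca_path"}  # options that set the trusted server CA


def parse_block(body):
    """Turn the key=value lines of one network block into a dict."""
    fields = {}
    for line in body.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            fields[key.strip()] = value.strip().strip('"')
    return fields


def audit(conf_text):
    """Return SSIDs of enterprise (EAP) networks that set no trusted CA."""
    findings = []
    for match in BLOCK_RE.finditer(conf_text):
        net = parse_block(match.group(1))
        uses_eap = "eap" in net or "EAP" in net.get("key_mgmt", "")
        if uses_eap and not (TRUST_KEYS & net.keys()):
            findings.append(net.get("ssid", "<no ssid>"))
    return findings


if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

Any SSID the audit returns is an enterprise profile in which the client has no CA against which to verify the authentication server.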
