New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation

May 9, 2024 at 02:46PM TunnelVision is a newly detailed VPN bypass method, assigned CVE identifier CVE-2024-3661, impacting operating systems with DHCP client support. This decloaking technique enables attackers to reroute and potentially inspect VPN traffic. With significant implications for various OSs and VPN tools, mitigating measures include implementing DHCP snooping and ARP protections. The … Read more