May 9, 2024 at 02:46PM TunnelVision is a newly detailed VPN bypass method, assigned CVE identifier CVE-2024-3661, impacting operating systems with DHCP client support. This decloaking technique enables attackers to reroute and potentially inspect VPN traffic. With significant implications for various OSs and VPN tools, mitigating measures include implementing DHCP snooping and ARP protections. The … Read more
May 8, 2024 at 10:01AM A new VPN bypass technique, TunnelVision, manipulates DHCP route tables to force traffic off the VPN tunnel, allowing threat actors to snoop on and manipulate network traffic. Exploiting a DHCP design flaw, it does not depend on compromising the DHCP server. Leviathan Security Group recommends mitigation strategies to VPN providers … Read more
May 7, 2024 at 05:59PM A vulnerability dubbed TunnelVision allows attackers to reroute VPN traffic via DHCP, potentially exposing encrypted data to snooping. VPN and OS types don’t matter, except for Android, which is safe. The researchers suggest using network namespaces and firewall-level mitigations but recognize these may not fully resolve the issue. VPN users … Read more