New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation

May 9, 2024 at 02:46PM TunnelVision is a newly detailed VPN bypass method, assigned CVE identifier CVE-2024-3661, impacting operating systems with DHCP client support. This decloaking technique enables attackers to reroute and potentially inspect VPN traffic. With significant implications for various OSs and VPN tools, mitigating measures include implementing DHCP snooping and ARP protections. The … Read more

New ‘TunnelVision’ Technique Leaks Traffic From Any VPN System

May 8, 2024 at 10:01AM A new VPN bypass technique, TunnelVision, manipulates DHCP route tables to force traffic off the VPN tunnel, allowing threat actors to snoop on and manipulate network traffic. Exploiting a DHCP design flaw, it does not depend on compromising the DHCP server. Leviathan Security Group recommends mitigation strategies to VPN providers … Read more