#WiFiVulnerability

Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover

by

September 20, 2024 at 02:30PM A zero-click vulnerability in MediaTek Wi-Fi chipsets and driver bundles used in routers and smartphones, including those from Ubiquiti, Xiaomi, and Netgear, poses a critical risk, enabling remote code execution without user interaction. A public proof-of-concept exploit is available, so affected users should apply available MediaTek patches promptly. The vulnerability … Read more

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

by

May 16, 2024 at 12:51PM Researchers uncovered a new security vulnerability, CVE-2023-52424, in the IEEE 802.11 Wi-Fi standard, known as the SSID Confusion attack. This flaw allows attackers to downgrade victims to a less secure network, intercept their traffic, and disable their VPN functionality. Mitigations proposed involve updates to the Wi-Fi standard and avoiding credential … Read more