Experts have found a method to trick devices into connecting to rogue Wi-Fi networks instead of trusted ones. This allows hackers to intercept network traffic and potentially steal sensitive information.
The Hacker News reports that the IEEE 802.11 Wi-Fi standard has a vulnerability, tracked as CVE-2023-52424. It affects all operating systems, Wi-Fi clients, and networks, including those using WEP, WPA3, 802.11X/EAP, or AMPE protocols.
Conditions and Prerequisites
Researchers explained that attackers can spoof a trusted network’s name (SSID) to downgrade the victim to a less secure network. “A successful SSID Confusion attack disables any VPN set to auto-disable on trusted networks, exposing the victim’s traffic,” they added.
CVE-2023-52424 highlights that SSIDs aren’t always authenticated; security measures activate only when a device joins a network. “In our attack, we trick the victim into connecting to WrongNet instead of TrustedNet using similar credentials,” explained the researchers. “The victim’s device will show it is connected to TrustedNet, but it is actually on WrongNet.”
For the attack to succeed, certain conditions must be met. The victim must attempt to connect to a trusted network and have another network with the same credentials nearby, and the attacker must be in range to perform an Attacker-in-the-Middle attack.
To mitigate SSID Confusion attacks, researchers recommend updating to the latest 802.11 Wi-Fi standard.
