WiFi Security Vulnerabilities Make Linux and Android Systems Susceptible to Hackers
Cybersecurity researchers have found new WiFi security vulnerabilities that have made Linux and Android devices susceptible to attack. Learn more about the nature of the threat that has affected several business and home networks.
- Researchers have identified security vulnerabilities in WiFi technology that have made Android and Linux enterprise and home networks more vulnerable to attack.
- The flaws allow threat actors to misuse cloned versions of trusted networks without the need for passwords.
Cybersecurity researchers at the KU Leuven Research University in Belgium have discovered some new vulnerabilities associated with WiFi technology that open a range of Android, Linux, and Chrome OS enterprise and home networks to attacks. The vulnerabilities, CVE-2023-52161 and CVE-2023-52160, were discovered while examining Intel’s iNet Wireless Daemon.
The vulnerabilities allow threat actors to trick targets into connecting with malicious copies of trusted networks without the need for passwords. This also allows attackers to join secure networks and interfere with traffic.CVE-2023-52161 affects systems using Intel’s iNet Wireless Daemon versions 2.12 and lower. CVE-2023-52160 affects wpa_supplicant versions 2.10 and before.
See More: Reddit’s Strategic Play Lands it a $60M Content Licensing Deal Before IPO
While CVE-2023-52161 allows attackers to gain unauthorized access to protected WiFi networks with Linux devices being used as wireless access points, thereby exposing devices to data theft and malware infections, CVE-2023-52160 affects WiFi clients that are incorrectly configured for authentication server certificates.
The latter has a wider scope of threat because wpa_supplicant is used as the default in Android devices to manage login requests for wireless networks whenever the attacker has access to the SSID of a WiFi network. However, for the vulnerability to work, the attacker will need to have physical access to the target device.
The development highlights the need for organizations to emphasize cybersecurity hygiene and conduct awareness programs about best practices, including manual configuration of enterprise network certificates, among others.
What do you think about operational issues with AI tech? Let us know your thoughts on LinkedIn, X, or Facebook. We’d love to hear from you!
Image source: Shutterstock
LATEST NEWS STORIES