New Wi-Fi Flaws Make Android, Linux Devices to Hacking
Cybersecurity researchers have identified two vulnerabilities in open-source Wi-Fi software used in Android, Linux, and ChromeOS devices. These flaws could allow hackers to trick users into connecting to a fake network or join a trusted network without a password. The flaws, known as CVE-2023-52160 and CVE-2023-52161, were discovered during a security evaluation of wpa_supplicant and Intel’s iNet Wireless Daemon (IWD).
What’s Happening & Why This Matters
These vulnerabilities can enable attackers to trick users into connecting to fake versions of trusted networks and intercept their traffic, or join secure networks without needing a password, according to Top10VPN’s new research, conducted with cybersecurity expert Mathy Vanhoef. CVE-2023-52161 allows attackers to gain unauthorized access to a protected Wi-Fi network, potentially exposing users and devices to malware, data theft, and business email compromise (BEC). It affects IWD versions 2.12 and lower.
Meanwhile, CVE-2023-52160 affects wpa_supplicant versions 2.10 and prior. It’s particularly concerning because it’s the default software used in Android devices for handling wireless network logins. Exploiting these flaws requires close proximity to the victim and knowledge of the network’s SSID, making it necessary for Android users to manually configure the CA certificate of saved enterprise networks to prevent attacks.
t/f Summary: How to Stay Protected
It’s crucial for Android users to manually configure the CA certificate of any saved enterprise networks to prevent these attacks until fixes are made available. While major Linux distributions have released advisories for the flaws, fixes for Android are still pending.