The newly disclosed Wi-Fi authentication bypass vulnerabilities have been found in Wpa_supplicant and Intel’s iNet Wireless Daemon (IWD) software.
Wpa_supplicant, which provides support for WPA, WPA2 and WPA3, is present in all Android devices, a majority of Linux devices, and the Chromebook operating system ChromeOS.
The vulnerability identified in Wpa_supplicant, tracked as CVE-2023-52160, can be exploited against users connecting to an enterprise Wi-Fi network. The flaw can allow an attacker to trick a targeted user into connecting to a malicious Wi-Fi network set up to mimic a legitimate enterprise network. The attacker can then intercept the victim’s traffic.
The newly disclosed Wi-Fi authentication bypass vulnerabilities have been found in Wpa_supplicant and Intel’s iNet Wireless Daemon (IWD) software.
Wpa_supplicant, which provides support for WPA, WPA2 and WPA3, is present in all Android devices, a majority of Linux devices, and the Chromebook operating system ChromeOS.
The vulnerability identified in Wpa_supplicant, tracked as CVE-2023-52160, can be exploited against users connecting to an enterprise Wi-Fi network. The flaw can allow an attacker to trick a targeted user into connecting to a malicious Wi-Fi network set up to mimic a legitimate enterprise network. The attacker can then intercept the victim’s traffic.