Wi-Fi software found in many major laptops and smartphones has a major security flaw — here’s what you need to know

Do you know which SSID you’re connecting to?

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Many of the most popular laptops and smartphones in use today could be vulnerable to two major security flaws that could result inidentity theft, data exfiltration, business email compromise (BEC) and other risks, experts have warned.

This is according to cybersecurity researchers  atTop10VPNand Mathy Vanhoef, who found two separate vulnerabilities - one tracked as CVE-2023-52160, and another tracked as CVE-2023-52161.

With the latter, a threat actor would be able to join an otherwise protected Wi-Fi network, and target other devices connected to it withmalwareor infostealers. The former, on the other hand, is found in the default software Android uses to handle logging into wireless networks and allows hackers to create a malicious clone of legitimate networks. If a victim gets tricked into joining this malicious clone, their traffic can be hijacked.

Patches available

While the vulnerabilities sound ominous, they’re not that easy to exploit. For the first one, the target’s Wi-Fi client needs to be configured not to verify the certificate of the authentication server. Furthermore, the attacker needs to know the SSID of the Wi-Fi network the victim usually connects to and needs to be close enough to be able to connect to it.

“One possible such scenario might be where an attacker walks around a company’s building scanning for networks before targeting an employee leaving the office,” the researchers explained.

CVE-2023-52161 was said to affect any network using a Linux device as a wireless access point.

Most Linux distributions (Debian, Red Hat, SUSE, Ubuntu), have all released patches, and so has ChromeOS. An Android fix is still pending.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“In the meantime, it’s critical, therefore, that Android users manually configure the CA certificate of any saved enterprise networks to prevent the attack,” Top10VPN said.

ViaThe Hacker News

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time