This devious Wi-Fi security flaw could let hackers eavesdrop on your network with ease
SSID Confusion makes the victim device connect to the wrong network
Experts have identified a way to “confuse” your device when it tries to connect to a trusted Wi-Fi network. As a result, the device is instead connected to a rogue network, where threat actors can snoop in on network traffic and possibly even steal sensitive information passing through.
A report from The Hacker News found the IEEE 802.11 Wi-Fi standard is vulnerable to a flaw tracked as CVE-2023-52424.
It affects all operating systems and all Wi-Fi clients, and home networks, mesh networks are all vulnerable, regardless of if they are based on WEP, WPA3, 802.11X/EAP, or AMPE protocols.
Conditions and prerequisites
The researchers explained that by spoofing a trusted network name (SSID), the attackers can essentially “downgrade” the victim to a less secure network.
"A successful SSID Confusion attack also causes any VPN with the functionality to auto-disable on trusted networks to turn itself off, leaving the victim's traffic exposed,” the researchers added.
CVE-2023-52424 revolves around the idea that SSIDs aren’t always authenticated, and security measures kick in only when a device requests joining a specific network.
“In our attack, when the victim wants to connect to the network TrustedNet, we trick it into connecting to a different network WrongNet that uses similar credentials," the researchers explained. "As a result, the victim's client will think, and show the user, that it is connected to TrustedNet, while in reality it is connected to WrongNet."
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Before the attack can be successful, the victim needs to meet a few conditions, though, including wanting to connect to a trusted network, having a separate network with the same authentication credentials available, and the attacker being in range to perform an Attacker-in-the-middle attack between the victim and the trusted network.
The easiest way to address SSID Confusion attacks is to update to the 802.11 Wi-Fi standard, the researchers concluded.
More from TechRadar Pro
- Wi-Fi software found in many major laptops and smartphones has a major security flaw — here's what you need to know
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.