Security News > 2024 > February > New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers
2024-02-21 16:16
Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a
News URL
https://thehackernews.com/2024/02/new-wi-fi-vulnerabilities-expose.html
Related news
- Hackers leverage 1-day vulnerabilities to deliver custom Linux malware (source)
- Magnet Goblin hackers use 1-day flaws to drop custom Linux malware (source)
- Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware (source)
- State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-22 | CVE-2023-52161 | Improper Authentication vulnerability in Intel Inet Wireless Daemon The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. | 7.5 |
| 2024-02-22 | CVE-2023-52160 | Improper Authentication vulnerability in multiple products The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. | 6.5 |