- UC Riverside researchers found Wi-Fi Client Isolation is “fundamentally broken”
- New AirSnitch attacks enable traffic injection, MitM, and interception of wired devices
- All tested routers vulnerable; experts urge network segmentation and strong end-to-end encryption
Wi-Fi Client Isolation, a security feature which prevents devices on the same network from talking directly to each other, is “fundamentally broken” and can be abused in numerous ways, experts have claimed.
A team of researchers from the University of California, Riverside, published a new research report analyzing how client isolation works across three layers: Wi-Fi encryption, internal packet switching inside access points, and IP routing through the gateway.
Through their research, they discovered multiple new attack techniques that allow a malicious user, connected to the same Wi-Fi network, to inject traffic to other clients, intercept victim traffic, become a full machine-in-the-middle (MitM), and even intercept traffic from internal wired devices.
Widespread issue
The techniques include abusing the shared Wi-Fi group key, gateway bouncing (a Layer-3 routing trick essentially), port stealing (MAC spoofing attack), broadcast reflection (without the need for GTK), a full MitM combination attack that works by combining port stealing and gateway bouncing, and intercepting internal wired devices (via spoofing the MAC address).
These problems seem to be widespread, as every router and network they tested was vulnerable to at least one of these techniques. What’s more, this doesn’t seem to be affecting just home environments – enterprise setups, including real university networks, are equally at risk.
AirSnitch, as the researchers dubbed the vulnerability, “breaks worldwide Wi-Fi encryption, and it might have the potential to enable advanced cyberattacks,” Xin’an Zhou, the lead author on the research, told Ars Technica.
“Advanced attacks can build on our primitives to [perform] cookie stealing, DNS and cache poisoning. Our research physically wiretaps the wire altogether so these sophisticated attacks will work. It’s really a threat to worldwide network security.”
The researchers suggest that client isolation might not be the most reliable security boundary. Instead, users should focus on using proper network segmentation, avoiding sharing credentials, improving group key handling, and strong end-to-end encryption everywhere.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/euoWA3SymQA2cKKjmF37W4-1920-80.jpg
Source link
