CVE-2023-52424 – New WiFi Vulnerability: The SSID Confusion Attack
top10vpn.comI don’t get it…
Aren’t they basically saying they make an unauthenticated AP with the same SSID as the trusted network?
If so, this isn’t a new idea, at least not in the past two decades…
They dress it up with a MITM attack but I don’t see how MITM is useful here… They just seem to be doing direct SSID mapping without anything else going on.
Feels like more that a less-than-desired VPN related company is trying to get attention.
The researcher Mathy Vanhoef is pretty legit. He found Tunnelcrack and krack attack etc. The paper has been peer-reviewed and accepted at the WiSec 24 conference so yeah maybe the top10vpn company is using it to get attention but it's a real vulnerability from what I can tell.
> Affected software: All WiFi clients
> Affected platforms: All operating systems