This devious Wi-Fi security flaw could let hackers eavesdrop on your network with ease

SSID Confusion makes the victim device connect to the wrong network

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Experts have identified a way to “confuse” your device when it tries to connect to a trusted Wi-Fi network. As a result, the device is instead connected to a rogue network, where threat actors can snoop in on network traffic and possibly even steal sensitive information passing through.

A report fromThe Hacker Newsfound the IEEE 802.11 Wi-Fi standard is vulnerable to a flaw tracked as CVE-2023-52424.

It affects alloperating systemsand all Wi-Fi clients, and home networks,mesh networksare all vulnerable, regardless of if they are based on WEP, WPA3, 802.11X/EAP, or AMPE protocols.

Conditions and prerequisites

The researchers explained that by spoofing a trusted network name (SSID), the attackers can essentially “downgrade” the victim to a less secure network.

“A successful SSID Confusion attack also causes anyVPNwith the functionality to auto-disable on trusted networks to turn itself off, leaving the victim’s traffic exposed,” the researchers added.

CVE-2023-52424 revolves around the idea that SSIDs aren’t always authenticated, and security measures kick in only when a device requests joining a specific network.

“In our attack, when the victim wants to connect to the network TrustedNet, we trick it into connecting to a different network WrongNet that uses similar credentials,” the researchers explained. “As a result, the victim’s client will think, and show the user, that it is connected to TrustedNet, while in reality it is connected to WrongNet.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Before the attack can be successful, the victim needs to meet a few conditions, though, including wanting to connect to a trusted network, having a separate network with the same authentication credentials available, and the attacker being in range to perform an Attacker-in-the-middle attack between the victim and the trusted network.

The easiest way to address SSID Confusion attacks is to update to the 802.11 Wi-Fi standard, the researchers concluded.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case