- UC Riverside researchers found that Wi-Fi client isolation is “fundamentally broken.”
- New AirSnitch Attacks Enable Traffic Injection, MitM, and Wired Device Interception
- All routers tested are vulnerable; experts recommend network segmentation and strong end-to-end encryption
Wi-Fi client isolation, a security feature that prevents devices on the same network from communicating directly with each other, is “fundamentally broken” and can be abused in many ways, experts said.
A team of researchers from the University of California, Riverside, has published a new research report analyzing how client isolation works across three layers: Wi-Fi encryption, internal packet switching inside access points, and IP routing through the gateway.
Through their research, they discovered several new attack techniques that allow a malicious user, connected to the same Wi-Fi network, to inject traffic to other clients, intercept the victim’s traffic, become a machine in the middle (MitM), and even intercept traffic from internal wired devices.
Widespread problem
Techniques include abuse of the shared Wi-Fi group key, gateway bounce (essentially a Layer 3 routing trick), port stealing (a MAC spoofing attack), broadcast reflection (which does not need the GTK), a full MitM combination attack that chains port stealing and gateway bounce, and interception of internal wired devices (by spoofing the MAC address).
These issues appear to be widespread, as every router and network tested was vulnerable to at least one of these techniques. Additionally, this doesn’t seem to only affect home environments: enterprise setups, including real university networks, are also at risk.
AirSnitch, as the researchers dubbed the vulnerability, “breaks global Wi-Fi encryption and could potentially enable advanced cyberattacks,” Xin’an Zhou, the lead author of the research, told Ars Technica.
“Advanced attacks can rely on our primitives to [perform] cookie theft, DNS and cache poisoning. Our research physically bugs the network for these sophisticated attacks to work. This is truly a threat to the security of global networks.”
The researchers suggest that client isolation may not be the most reliable security boundary. Instead, users should focus on proper network segmentation, avoiding shared credentials, improving group key management, and using strong end-to-end encryption everywhere.
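Port stealing and the interception of wired devices both rely on MAC spoofing, so one defensive check is to watch for MAC addresses that move between switch or access point ports. The sketch below is an added example, not code from the researchers or from this article; the event format, port names and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: (timestamp_seconds, mac, port) MAC-learning events, as a
# switch or AP bridge might log them. Not taken from the article or the paper.
SAMPLE_EVENTS = [
    (0,   "aa:aa:aa:00:00:01", "wlan0-sta3"),
    (5,   "aa:aa:aa:00:00:02", "eth1"),
    (10,  "aa:aa:aa:00:00:02", "wlan0-sta7"),  # wired MAC shows up on Wi-Fi
    (11,  "aa:aa:aa:00:00:02", "eth1"),        # real owner is re-learned
    (12,  "aa:aa:aa:00:00:02", "wlan0-sta7"),
    (300, "aa:aa:aa:00:00:01", "wlan1-sta3"),  # one move, e.g. ordinary roaming
]

def is_wired(port):
    # Port naming convention is an assumption made for this sample data.
    return port.startswith("eth")

def find_mac_moves(events, window=30, min_moves=2):
    """Flag MACs that flap between ports (>= min_moves moves inside `window`
    seconds) or that jump from a wired port to a wireless one."""
    last_port, moves = {}, defaultdict(list)
    for ts, mac, port in sorted(events):
        mac = mac.lower()
        prev = last_port.get(mac)
        if prev is not None and prev != port:
            moves[mac].append((ts, prev, port))
        last_port[mac] = port

    alerts = {}
    for mac, mv in moves.items():
        times = [m[0] for m in mv]
        flapping = any(times[i + min_moves - 1] - times[i] <= window
                       for i in range(len(times) - min_moves + 1))
        # A wired host has no reason to reappear behind a Wi-Fi association.
        wired_to_wifi = any(is_wired(old) and not is_wired(new)
                            for _, old, new in mv)
        if flapping or wired_to_wifi:
            alerts[mac] = {"flapping": flapping,
                           "wired_to_wifi": wired_to_wifi,
                           "moves": len(mv)}
    return alerts

if __name__ == "__main__":
    for mac, info in find_mac_moves(SAMPLE_EVENTS).items():
        print(mac, info)
```

A single move, such as a client roaming between access points, is not flagged; repeated moves in a short window or a wired address appearing on a wireless port are.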




