Technology

58033 readers

3331 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

founded 1 year ago

MODERATORS

276

submitted 6 months ago* (last edited 6 months ago) by Squire1039@lemm.ee to c/technology@lemmy.world

19 comments fedilink hide all child comments

Vulnerabilities:

CVE-2023-52160 (wpa_supplicant) and CVE-2023-52161 (Intel's iNet Wireless Daemon) allow attackers to:

Trick users into joining fake Wi-Fi networks: Attackers can create malicious clones of legitimate networks and steal user data.
Gain unauthorized access to secure Wi-Fi networks: Attackers can join password-protected networks without needing the password, putting devices and data at risk.

Affected devices:

CVE-2023-52160: Android devices using wpa_supplicant versions 2.10 and prior (requires specific configuration).
CVE-2023-52161: Linux devices using iNet Wireless Daemon versions 2.12 and lower (any network using a Linux access point).

Mitigation:

Update your Linux distribution and ChromeOS (version 118 or later).
Android fix not yet available, but manually configure CA certificate for any saved enterprise networks as a temporary workaround.

Exploitation:

Links:

you are viewing a single comment's thread
view the rest of the comments

[–] ooosssay@ani.social 1 points 6 months ago

That’s crazy