A vulnerability exists in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an malicious user to hijack active connections inside the VPN tunnel.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd - |
||
linux linux kernel - |
||
openbsd openbsd - |
||
apple mac os x |
||
apple tvos |
||
apple iphone os |
||
apple ipados |
||
apple macos 11.0 |
OpenVPN, WireGuard, IKEv2/IPSec also vulnerable to tampering flaw, we're told
A bug in the way Unix-flavored systems handle TCP connections could put VPN users at risk of having their encrypted traffic hijacked, it is claimed. The University of New Mexico team of William Tolley, Beau Kujath, and Jedidiah Crandall this week said they've discovered CVE-2019-14899, a security weakness they report to be present in "most" Linux distros, along with Android, iOS, macOS, FreeBSD, and OpenBSD. The upshot is, if exploited, encrypted VPN traffic can be potentially hijacked and disru...