The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while the VPN is enabled. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in the blocking of traffic" rather than to only WireGuard.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wireguard wireguard 0.5.3 |
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Especially on Apple gear, uni team says
A couple of techniques collectively known as TunnelCrack can, in the right circumstances, be used by snoops to force victims' network traffic to go outside their encrypted VPNs, it was demonstrated this week. A team of academics – Nian Xue of New York University, Yashaswi Malla, Zihang Xia, and Christina Popper of New York University Abu Dhabi, and Mathy Vanhoef of imec-DistriNet and KU Leuven – on Tuesday explained how the attacks work, released proof-of-concept exploits, and reckoned "ever...