- UC Riverside researchers found Wi-Fi client isolation is ‘fundamentally broken’
- New AirSnitch Attacks Enable Traffic Injection, MitM, and Interception of Wired Devices
- All tested routers are vulnerable; experts urge network segmentation and strong end-to-end encryption.
Wi-Fi client isolation, a security feature that prevents devices on the same network from communicating directly with each other, is “fundamentally broken” and can be abused in many ways, experts said.
A team of researchers at the University of California, Riverside, published a new research report that analyzes how client isolation works at three layers: Wi-Fi encryption, internal packet switching within access points, and IP routing through the gateway.
Through their research, they discovered multiple new attack techniques that allow a malicious user, connected to the same Wi-Fi network, to inject traffic to other clients, intercept the victim’s traffic, become a machine in the middle (MitM), and even intercept traffic from internal wired devices.
Widespread problem
Techniques include shared Wi-Fi group key abuse, gateway bounce (essentially a Layer 3 routing trick), port stealing (MAC spoofing attack), broadcast reflection (no need for GTK), a full MitM combo attack that works by combining port stealing and gateway bounce, and intercepting internal wired devices (via MAC address spoofing).
These problems appear to be widespread, as every router and network they tested was vulnerable to at least one of these techniques. What’s more, this doesn’t seem to just affect home environments: enterprise setups, including actual university networks, are equally at risk.
AirSnitch, as the researchers called the vulnerability, “breaks global Wi-Fi encryption and could have the potential to enable advanced cyberattacks,” Xin’an Zhou, lead author of the research, told Ars Technica.
“Advanced attacks can take advantage of our primitives to [perform] cookie theft, DNS and cache poisoning. Our research physically intercepts the entire cable for these sophisticated attacks to work. It is really a threat to the security of the global network.”
The researchers suggest that client isolation may not be the most reliable security boundary. Instead, users should focus on using proper network segmentation, avoiding credential sharing, improving group key management, and using strong end-to-end encryption everywhere.