CVE-2023-52424 – New WiFi Vulnerability: The SSID Confusion Attack

CVE-2023-52424 – New WiFi Vulnerability: The SSID Confusion Attack(top10vpn.com)

5 points by scentoni 2 years ago | 3 comments

I don’t get it…

Aren’t they basically saying they make an unauthenticated AP with the same SSID as the trusted network?

If so, this isn’t a new idea, at least not in the past two decades…

They dress it up with a MITM attack but I don’t see how MITM is useful here… They just seem to be doing direct SSID mapping without anything else going on.

Feels like more that a less-than-desired VPN related company is trying to get attention.

DomSathanas 2 years ago | |

The researcher Mathy Vanhoef is pretty legit. He found Tunnelcrack and krack attack etc. The paper has been peer-reviewed and accepted at the WiSec 24 conference so yeah maybe the top10vpn company is using it to get attention but it's a real vulnerability from what I can tell.

scentoni 2 years ago |

> Affected software: All WiFi clients

> Affected platforms: All operating systems