Subj : Top VPN services can be tricked into leaking traffic outside your
To   : All
From : TechnologyDaily
Date : Wed Aug 09 2023 19:45:03

Top VPN services can be tricked into leaking traffic outside your network

Date:
Wed, 09 Aug 2023 18:31:16 +0000

Description:
New flaws found in Cisco routers affecting VPN traffic routing.

FULL STORY
======================================================================

Two vulnerabilities found in popular business VPN solutions could allow 
hackers to divert traffic outside a VPN tunnel, among other things. 

A new research paper, recently published by a group of authors from different 
universities around the world, outlined two vulnerabilities affecting Cisco 
routers were mentioned - CVE-2023-36672, and CVE-2023-36673. 

The flaws, collectively titled TunnelCrack, affect Cisco Secure Client 
AnyConnect VPN for iOS regardless of client configuration. Manipulating 
routing exceptions 

The paper, titled Bypassing tunnels: Leaking VPN client traffic by abusing 
routing tables was written by Nian Xue of the New York University, together 
with Yashaswi Malla, Zihang Xia, and Christina Popper of the New York 
University Abu Dhabi, and Mathy Vanhoef from the imec-DistriNet, KU Leuven. 

Our first set of vulnerabilities, called LocalNet attacks, can be exploited 
when a user connects to an untrusted Wi-Fi network, one of the researchers - 
Mathy Vanhoef - told The Register. Our second set of vulnerabilities, called 
ServerIP attacks, can be exploited by untrusted Wi-Fi networks and by 
malicious Internet service providers. Both attacks manipulate the victim's 
routing table to trick the victim into sending traffic outside the protected 
VPN tunnel, allowing an adversary to read and intercept transmitted traffic. 
Read more 

> Cisco finally patches months-old VPN security flaw 


 > Zero-day VPN software flaw exploited by APT hackers 


 > These are the best proxy services around right now 

Soon after the paper was published, Cisco sounded the alarm, saying the 
vulnerabilities can be abused by an attacker to manipulate routing exceptions 
that are maintained by the client to redirect traffic to a device that they 
control without the benefit of the VPN tunnel encryption." However, no patch 
seems to be required, as Cisco only said that a few properly configured 
firewall rules should do the trick. 

"For customers who have configured clients to allow local LAN access, Cisco 
recommends applying client firewall rules to allow access to necessary 
resources only," the networking giant said. Check out the best malware 
removal today 

Via: The Register



======================================================================
Link to news story:
https://www.techradar.com/pro/top-vpn-services-can-be-tricked-into-leaking-tra
ffic-outside-your-network


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.