83r71nLeviathan Security Group has identified a critical vulnerability, CVE-2024-3661, known as TunnelVision. This flaw can compromise the security of Virtual Private Networks (VPNs) by allowing attackers to reveal routing details, potentially leading to a complete VPN leak. The vulnerability works across most platforms, excluding Android, and requires a rogue DHCP server to exploit. It's suggested that the vulnerability could date back to 2002, highlighting its long-standing presence. To mitigate this issue, several potential fixes are proposed, including using network namespaces, implementing firewall rules, ignoring DHCP option 121, and utilizing hotspots or virtual machines. These measures aim to prevent attackers from manipulating traffic and compromising VPN security.
https://www.leviathansecurity.com/blog/tunnelvision
#cybersecurity #vpn #vulnerability #tunnelvision #cve #dhcp #network #namespace #firewall #hotspots #virtualmachines #leviathansecurity
CVE-2024-3661: TunnelVision - How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak — Leviathan Security Group - Penetration Testing, Security Assessment, Risk Advisory
We discovered a fundamental design problem in VPNs and we're calling it TunnelVision. This problem lets someone see what you're doing online, even if you think you're safely using a VPN.
KrebsOnSecurity RSS
ITSEC News