Mati Vanhof, the researcher behind the Krack attack on wireless networks, has discovered a new vulnerability affecting various devices and operating systems. The vulnerability, known as Macstealer (CVE-2022-47522), circumvents wireless network encryption allowing attackers to intercept traffic from unsuspecting customers.
The vulnerability is caused by the absence of prescriptions controlling the context of protection for buffering frames and lack of protection for the Power-Save flag in the frame header. Attackers can manipulate the premises of personnel in the queue and achieve buffering and changes to the defense context, ultimately redirecting personnel to the attacking device without encryption or with zero encryption.
To redirect personnel to the attacker’s device, a trick is used, whereby the victim periodically shuts down after sending a request, and the attacking device connects with the victim’s MAC address. As a result, packages addressed to the victim and stuck in the queue will be sent to the attacker.
The technology is made even more dangerous since access to instrumentation for the attack is open. The vulnerability affects devices from vendors such as Cisco and UBIQUITI and operating systems including Linux, FreeBSD, iOS, and Android.
Vanhoef’s research is available on Github, detailing the intricacies behind Macstealer. Users are urged to ensure their systems are up to date to prevent unauthorized access via wireless networks.