LocalNet and ServerIP attack
Posted: Wed Aug 09, 2023 9:57 am
TunnelCrack is a combination of two widespread security vulnerabilities in VPNs. An adversary can abuse these vulnerabilities to leak traffic outside the VPN tunnel. Our tests indicate that every VPN product is vulnerable on at least one device. We found that VPNs for iPhones, iPads, MacBooks, and macOS are extremely likely to be vulnerable, that a majority of VPNs on Windows and Linux are vulnerable, and that Android is the most secure with roughly one-quarter of VPN apps being vulnerable. The discovered vulnerabilities can be abused regardless of the security protocol used by the VPN.
https://tunnelcrack.mathyvanhoef.com
Any suggestion for mitigation?
I would say it helps to use static IP addresses (and not FQDNs) and strict certificate checking on the client side. What else?
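One way to audit a client for the two settings suggested above, as an added example that is not part of the original post. It assumes an OpenVPN-style client config (the directives `remote`, `remote-cert-tls` and `verify-x509-name` are OpenVPN's; the sample config, addresses and function names are constructed), and it goes one step beyond the post by also flagging a local network outside RFC 1918 space, which is the condition relevant to the LocalNet half of TunnelCrack.

```python
import ipaddress

# Constructed sample OpenVPN client config (not from the post).
SAMPLE_CONFIG = """\
client
dev tun
remote vpn.example.com 1194 udp
remote 203.0.113.10 1194 udp
ca ca.crt
# remote-cert-tls server
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit_openvpn_client(config_text):
    """Return findings for the client-side settings named in the post."""
    findings = []
    seen = set()
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop '#' comments
        if not line or line.startswith(";"):     # skip blanks and ';' comments
            continue
        parts = line.split()
        seen.add(parts[0])
        if parts[0] == "remote" and len(parts) > 1 and not is_ip_literal(parts[1]):
            findings.append(f"remote uses hostname {parts[1]}: server IP depends on DNS")
    if "remote-cert-tls" not in seen:
        findings.append("remote-cert-tls missing: server certificate usage not enforced")
    if "verify-x509-name" not in seen:
        findings.append("verify-x509-name missing: server certificate name not pinned")
    return findings

def lan_is_rfc1918(cidr):
    """IPv4 only: a DHCP-assigned LAN outside RFC 1918 is unusual and worth flagging."""
    net = ipaddress.ip_network(cidr, strict=False)
    return net.version == 4 and any(net.subnet_of(p) for p in RFC1918)

if __name__ == "__main__":
    for finding in audit_openvpn_client(SAMPLE_CONFIG):
        print("FINDING:", finding)
    for cidr in ("192.168.1.0/24", "198.51.100.0/24"):   # constructed LAN ranges
        print(cidr, "ok" if lan_is_rfc1918(cidr) else "FLAG: LAN is not RFC 1918")
```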