- An attacker can sniff, hijack and tamper VPN-tunneled connections by abusing a flaw in Linux, Android, macOS, and other Unix-based operating systems.
- Aviatrix VPN is also found to be impacted by multiple local privilege escalation vulnerabilities.
Virtual Private Networks (VPNs) are basically used to shield online users against web attacks and other online threats but with the emergence of new vulnerabilities, they can now be weaponized against users.
Sniffing VPN connections
- A group of academics has found that an attacker can sniff, hijack and tamper VPN-tunneled connections by abusing a flaw in Linux, Android, macOS, and other Unix-based operating systems.
- The vulnerability tracked as CVE-2019-14899 resides in the networking stacks of multiple Unix-based operating systems and more specifically, in how the operating systems reply to unexpected network packet probes.
- Attackers can exploit the vulnerability to spot vulnerable devices and extract various details about the user’s VPN connection status.
- Researchers tested and successfully exploited the vulnerability on various operating systems that include Ubuntu 19.10, Fedora, Debian 10.2, Arch 2019.05, Manjaro 18.1.1, Devuan, MX Linux 19, Void Linux, Slackware 14.2, Deepin, FreeBSD, OpenBSD.
- The attack was successful against VPN technologies like OpenVPN, WireGuard, and IKEv2/IPSec.
Vulnerable Aviatrix VPN
Researchers from Immersive Labs have uncovered multiple local privilege escalation vulnerabilities in Aviatrix VPN. The VPN is used by NASA, Shell, and BT.
The issues can allow attackers to gain root privileges of infected computers and steal confidential files and folders. They can also gain root privilege to network services.
The discovery comes just two months after the National Security Agency (NSA) and the National Security Council (NSC) issued a warning regarding state-sponsored attackers aiming at vulnerable VPN products.
Following the disclosure, Aviatrix has taken swift action and patched the issue by releasing a new version - v2.4.10 - on November 4.
Given the increasing security risks on VPNs, organizations should ensure good security solutions to protect themselves against potential cyberattacks. Additionally, they should also adopt white-listed and secured VPNs to prevent online threats.