Tag: DHCP Manipulation

New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
News

New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation

Researchers have described how to circumvent virtual private networks (VPNs) using a method called TunnelVision that enables threat actors to eavesdrop on victim network traffic simply by sharing a local network. The CVE-2024-3661 (CVSS score: 7.6) has been assigned to the "decloaking" technique. It affects all operating systems with support for DHCP option 121 routes and DHCP clients implemented. Fundamentally, TunnelVision is the process of sending data across a VPN without encrypting it, using a DHCP server that has been configured by an attacker and the classless static route option 121 to establish a route on the VPN user's routing table. It also results from the fact that such option messages are vulnerable to manipulation because the DHCP protocol does not authenticate the...