Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Wi-Fi SSID names could allow to crash or hack mobile devices

Wi-Fi SSID names could allow to crash or hack mobile devices


Security researchers have discovered a bug in WiFi SSID management that could be exploited by hackers to crash Android, Windows, Linux systems or hack them. A user reported that the vulnerability could allow attackers to crash devices or even potentially inject malware into their system by using crafted P2P SSID names. The flaw was discovered by Google Security team. The attack occurs via a malicious wireless peer-to-peer network name, the attack relies in how wpa_supplicant uses SSID information parsed from management frames that create or update P2P peer entries in the list of available networks. The experts explained that the flaw is similar to the Heartbleed bug, with the difference that the wpa_supplicant vulnerability could allow an attacker to access the contents of memory and modify it.
 
Read More:
 
Source:
 
Security Affairs
 
Soft Machine
 
Team Cymru
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis