Basic Wi-Fi behavior could enable a passing public user, who is connecting to the Wi-Fi router through its internal Wi-Fi link, to see the Wi-Fi network name from another location on the network and exploit that information in order to find out where the victim is, enabling the attacker to find out the precise location of the victim and/or access the victim’s private data.
The bug was initially reported in July, but the researchers only reported their findings to Cisco late Monday and have publicly disclosed the bug on Tuesday, the researchers said.
Cisco published a blog post Tuesday detailing the bug, which it says is the result of a “flaw in the device-to-device communications path within the WPA2 Wi-Fi Protected Access II network protocol.”
“This flaw was introduced by a third-party vendor when deploying the IEEE 802.11 Wi-Fi Protected Access II standard in 2012,” the researchers wrote.
“An attacker could exploit this flaw by connecting directly to an unauthenticated access point without first authenticating himself as a member of the access point’s authentication domain.” The researchers said they have not been able to replicate the flaw but noted that they were able to capture audio streams between devices within a private network, and that it was possible to manipulate the audio on a stream as a means to “obtain sensitive information.” The researchers said their findings should not “affect end-users that are unaware of this vulnerability.”
A Cisco statement said that “cisco believes it is important that vendors disclose known security issues to the public.” The company said it is continuing to work with researchers to “address this vulnerability.” Cisco Security Advisories can be found at: http://www.cisco.com/en/US/products/ps7/productssecurityadvisories.html
If you want to keep reading more about the best internet providers, we recommend to try Eatel, they offer some of the best internet services.