Comment by jcalvinowens

1 day ago

This is a big deal: it means a client on one wifi network can MITM anything on any other wifi network hosted on the same AP, even if the other wifi network has different credentials. Pretty much every enterprise wifi deployment I've ever seen relies on that isolation for security.

These attacks are not new: the shocking thing here that apparently a lot of enterprise hardware doesn't do anything to mitigate these trivial attacks!

4 comments

jcalvinowens

Reply
Waterluvian  1 day ago

Like as in me being on the Guest network at a business can then read traffic of the Corporate network?

  • daneel_w  1 day ago

    Yes, if they host the guest network on the same hardware, same transmission path etc. Network "hygiene" will obviously differ from one place to the other.

  • jcalvinowens  1 day ago

    > Like as in me being on the Guest network at a business can then read traffic of the Corporate network?

    Exactly.

winstonwinston  1 day ago

Yes, though do all of these wifi devices actually have a formal assurance (as in written specification) of network L2/L3 isolation between virtual APs?

I have some of those wifi APs that do not even provide any sort of isolation besides just implementing multiple SSID on the same wifi radio aka Guest SSID. No guarantee, no isolation.