ГлавнаяУязвимости → CVE-2024-3661
7.6высокая

CVE-2024-3661

→ есть в БДУ: BDU:2024-03571 (на русском)
Описание (на английском; русское — в БДУ выше)

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.

Затрагиваемое ПО
Fortinet ForticlientCisco Anyconnect vpn clientCisco Secure clientPaloaltonetworks GlobalprotectCitrix Secure access clientApple Iphone osApple MacosLinux Linux kernelF5 Big-ip access policy managerWatchguard Ipsec mobile vpn clientWatchguard Mobile vpn with sslZscaler Client connector
CVSS
Балл7.6 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Источники
https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/https://bst.cisco.com/quickview/bug/CSCwk05814https://datatracker.ietf.org/doc/html/rfc2131#section-7https://datatracker.ietf.org/doc/html/rfc3442#section-7https://fortiguard.fortinet.com/psirt/FG-IR-24-170https://issuetracker.google.com/issues/263721377https://krebsonsecurity.com/2024/05/why-your-vpn-may-not-be-as-secure-as-it-claims/https://lowendtalk.com/discussion/188857/a-rogue-dhcp-server-within-your-network-can-and-will-hijack-your-vpn-traffic