https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493007#M299230 <P>There is no public bug or PSIRT for this vulnerability yet, given it's still pretty fresh.</P><P>Raise a support ticket for more information as they may already be investigating internally.</P> Thu, 30 May 2024 00:47:02 GMT Brash 2024-05-30T00:47:02Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493000#M299223 <P>Hi,</P><P>I would like to know if Meraki has some taken any steps to mitigate this vulnerability.</P><P>We are:<BR />- using WPA2 encryption and not WPA3<BR />- using RADIUS authentication</P><P>I hope Meraki will release a patch to mitigate the vulnerability. Does anyone know or shed some light on the steps that Meraki is going to take or is advising the customers ?</P> Wed, 29 May 2024 19:56:46 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493000#M299223 gagandeep singh3 2024-05-29T19:56:46Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493001#M299224 <P>What vulnerability? Do you have the CVE?</P> Wed, 29 May 2024 19:58:10 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493001#M299224 aleabrahao 2024-05-29T19:58:10Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493002#M299225 <H3 id="toc-hId-1451047744">SSID Confusion Attack WiFi Vulnerability (CVE-2023-52424)</H3> Wed, 29 May 2024 20:00:37 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493002#M299225 gagandeep singh3 2024-05-29T20:00:37Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493003#M299226 <P>This CVE is from 2023, Meraki has probably already released the fix some time ago, as they frequently release new updates.</P><P>Have you already contacted support?</P> Wed, 29 May 2024 20:06:34 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493003#M299226 aleabrahao 2024-05-29T20:06:34Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493004#M299227 <P>Doubt that Meraki has published a fix for that. The CVE was published this month.</P> Wed, 29 May 2024 20:13:12 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493004#M299227 Raphael_L 2024-05-29T20:13:12Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493005#M299228 <P>Without knowing exactly what the underlying mechanisms is in this specific CVE, from what I'm reading about it, it's simply an overall design flaw in the 802.11 standard.</P><P>It's always been there, and will always be there.</P><P>Basically it aims at tricking a user to associate to your malicious and less secure SSID (a honeypot) and eavesdrop on all your traffic.</P><P>If you really want to mitigate it, there's an easy fix.</P><P>Turn of all your WiFi and Access Points, and cable your devices to the network.</P> Wed, 29 May 2024 21:10:13 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493005#M299228 Rasmus Hoffmann Birkelund 2024-05-29T21:10:13Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493006#M299229 <P>It's a day old I doubt any vendor has patched it as it's still being analysed. </P> Wed, 29 May 2024 23:30:09 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493006#M299229 BlakeRichardson 2024-05-29T23:30:09Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493007#M299230 <P>There is no public bug or PSIRT for this vulnerability yet, given it's still pretty fresh.</P><P>Raise a support ticket for more information as they may already be investigating internally.</P> Thu, 30 May 2024 00:47:02 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493007#M299230 Brash 2024-05-30T00:47:02Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493008#M299231 <P>Hi <A href="https://community.meraki.com/t5/user/viewprofilepage/user-id/108862">@gagandeep singh3</A>, </P><P><FONT color="#FF0000"><EM><STRONG>NOTE: I DO NOT KNOW, THE FULL INS AND OUTS OF THIS VULNERABILITY.</STRONG> </EM></FONT></P><P>That said, Meraki Air Marshal does have some level of mitigation from Rouge SSIDs. See below guide for further details.</P><P><A href="https://documentation.meraki.com/MR/Monitoring_and_Reporting/Air_Marshal" target="_blank" rel="nofollow noopener noreferrer">https://documentation.meraki.com/MR/Monitoring_and_Reporting/Air_Marshal</A></P> Thu, 30 May 2024 00:58:39 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493008#M299231 IvanJukic 2024-05-30T00:58:39Z https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493009#M299232 <P>Original writeup came out a few weeks ago: <A href="https://www.top10vpn.com/research/wifi-vulnerability-ssid" target="_blank" rel="nofollow noopener noreferrer">https://www.top10vpn.com/research/wifi-vulnerability-ssid</A>/</P><P>I wouldn't expect a fix to be released quickly, if at all!</P> Thu, 30 May 2024 03:20:06 GMT https://community.cisco.com/t5/wireless/ssid-confusion-attack/m-p/5493009#M299232 Paccers 2024-05-30T03:20:06Z