New Vulnerability to Hijack VPN Connection through a Malicious Point

No featured articles available

Check back soon for the latest updates and featured content.

New vulnerability to hijack VPN connections impacting Linux, Android, macOS and other Unix based operating system disclosed by the security researchers from the University of New Mexico

New vulnerability to hijack VPN connections impacting Linux, Android, macOS and other Unix based operating system disclosed by the security researchers from the University of New Mexico.

The vulnerability tracked as CVE-2019-14899 impacts Linux distributions and networking stacks of multiple Unix-based operating systems including FreeBSD, OpenBSD, macOS and Android that allows an attacker to determine if a user is connected to a VPN and to hijack VPN connections.

This security flaw “allows a network adjacent attacker to determine if another user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website,” according to Wiliam J. Tolley, Beau Kulathu and Jedidiah R. Crandall, Breakpointing bad researchers at the University of New Mexico.

Systems affected by Linux vulnerability

The list of systems that the researchers found vulnerable are:

Ubuntu 19.10 (systemd)

Fedora (systemd)

Debian 10.2 (systemd)

Arch 2019.05 (systemd)

Manjaro 18.1.1 (systemd)

Deviant (sysV init)

MX Linux 19 (Mepis+antiX)

Void Linux (runit)

Slackware 14.2 (rc.d)

Deepin (rc.d)

FreeBSD (rc.d)

OpenBSD (rc.d)

The attack worked against VPN technologies like OpenVPN, WireGuard and IKE2/IPSec, but the researchers are still testing their feasibility against Tor.

Steps to exploit this vulnerability and hijack the target’s VPN connection

To determine the virtual IP address of the user connected to a VPN through a malicious access point

Making positive inference about the website they are visiting

Using the encrypted replies they were able to determine the exact packet sequence in certain VPN connections and

This allows the bad actor to inject data into the TCP stream and hijack active connections in the VPN tunnel.

The research teams public disclosure contains more technical details including turning reverse path filtering on, using bogon filtering, encrypting packet size and timing, along with possible mitigation that server owners can apply.

Google Ads Exploited in Cyberattack: Hackers Steal Login Details and 2FA Codes

Murdoc Botnet Exploits AVTECH Cameras and Huawei Routers

Authquake Attack Bypasses Microsoft MFA, Exposing Critical Security Vulnerabilities

Strategies for Mitigating Cyber Threats in 2025

Cybersecurity Threats in Social Media Networks: Protecting User Data

AI in Data Privacy Compliance

Secure Boot Bypass Flaw Found in Palo Alto Firewalls

Volkswagen Faces Major Breach: Data of 800K EV Customers Leaked

Successful CISO – Is a Business Enabler the Need of the Hour?

Behind the Job Title: Information Security Consultant

Cybersecurity Threats in Social Media Networks: Protecting User Data

AI in Data Privacy Compliance

No featured articles available

New Vulnerability to Hijack VPN Connection through a Malicious Point

New vulnerability to hijack VPN connections impacting Linux, Android, macOS and other Unix based operating system disclosed by the security researchers from the University of New Mexico

Share Your Story!

No featured articles available

New vulnerability to hijack VPN connections impacting Linux, Android, macOS and other Unix based operating system disclosed by the security researchers from the University of New Mexico

Stay Updated with the Latest Cybersecurity News