TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak

May 9, 2024Source: Leviathan Security

Found this useful? Share it with your network

This article details a novel network technique discovered by researchers that allows an attacker to bypass VPN encapsulation via DHCP (Dynamic Host Configuration Protocol), effectively forcing a target user’s traffic outside of their VPN tunnel. Termed as "decloaking," this method subtly exploits the DHCP without disrupting the VPN's control channel, leaving the user unaware as their data transmissions are not encrypted by the VPN. Despite attempts to inform affected parties, the technique—which is believed to be exploitable since 2002—remains a significant threat. The article emphasizes the difficulty in mitigating this vulnerability due to the essential role DHCP plays in network connectivity and suggests the implementation of network namespaces as a potential fix for systems that support it, like Linux. The research aims to raise awareness within the security community about this threat and the challenge in notifying every VPN provider and user, hoping for wider implementation of effective countermeasures.

Read Full Article

Opens on Leviathan Security

More News

AMA Asking For Stronger Safeguards on AI Mental Health Chatbots

April 29, 2026MobiHealthNews

Andrea Daugherty Appointed Chief Information and Digital Transformation Officer at ARMC

April 24, 2026arrowheadregional.org

Craig Richardville Appointed Chief Digital and Information Officer at UF Health

April 13, 2026ufhealth.org

Former AMA Exec Margaret Lozovatsky Named CDIO At Premier Health

April 10, 2026premierhealth.com

Signature Healthcare Diverts Ambulances Following Cybersecurity Incident

April 8, 2026SecurityWeek

More Than 100 Hospitals Suing HHS Over Alleged Underpayment

April 6, 2026MedCity News