As reported by The Register, researchers from the University of New Mexico have found a bug in the way Unix-flavored systems handle TCP connections, which could put VPN users at risk of having their encrypted traffic hijacked. CVE-2019-14899 is a security weakness that they report to be present in “most” Linux distros, along with Android, iOS, and macOS. If exploited, encrypted VPN traffic can be potentially hijacked and disrupted by miscreants on the network. Once the victim connected to their VPN, the spy would be able to tamper with the TCP stream to do things like inject packets into the stream.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
