26 C
Jaipur
Saturday, October 24, 2020

Unpatched Apple iOS VPN Bypass Bug Block the Encrypted Traffic

Must read

iPhone 12 Users Can Now Download OS Updates Over 5G Data

Apple finally introduced 5G support with the launch of its latest iPhone 12 series. Now, as iPhones support high-speed 5G networks, the Cupertino tech...

Check Out Oppo Find X2 League of Legends Special Edition Right Here

After much anticipation, Chinese phone maker, Oppo unveiled the second generation of its Find X series, the Oppo Find X2 and Find X2 Pro,...

apple: Apple fixes 6 malicious apps posing as Adobe Flash installers – Latest News

The malicious apps masquerading as Adobe Flash installer are not going to go away anytime soon as Apple has once again fixed six more...

A new unpatched “VPN Bypass” vulnerability uncovered in Apple iOS block VPNs to encrypt all the traffic that passes through the device.

The bug affected Apple’s iOS version 13.4, and it can be taking advantage of the cybercriminals to surveillance the user’s online activities also it leaks IP address and exposes the user’s data.

Luis, a security consultant from ProtonVPN discovered this VPN bypass vulnerability and reported to Apple under which is now working for the patch.

ProtonVPN reported this VPN Bypass vulnerability under 90 days responsible disclosure program, and the iOS community will get the patch on the next Apple security update, currently no patch available for this vulnerability.

Also Learn: what is Virtual Private Network?

VPN Bypass Vulnerability Details

Basically, When users establish the connection via VPN, it kills the existing connection and re-establish the new connection via VPN tunnels where the connection will be completely encrypted.

But the vulnerability in the latest iOS version does not close existing connections plus some of the connections will be long-lasting and remain open for minutes to hours outside the VPN tunnel.

“One prominent example is Apple’s push notification service, which maintains a long-running connection between the device and Apple’s servers. But the problem could impact any app or service, such as instant messaging applications or web beacons.” Luis said via blog post.

VPN Bypass
Wireshark analysis

During the analysis of this iOS bug, the researcher captures the iOS device’s network traffic using Wireshark and be able to see the direct traffic between the iOS device’s IP and an external IP address that is not the VPN server but it’s an Apple server.

In fact, If you should be able to see only the traffic between the device’s IP and the VPN server but in this case, we could see the external IP address which belongs to Apple.

No VPN service can provide a workaround other than Apple for this issue due to the iOS permission restriction VPN app to kill existing network connections.

Learn : Master in Wireshark Network Analysis

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

iPhone 12 Users Can Now Download OS Updates Over 5G Data

Apple finally introduced 5G support with the launch of its latest iPhone 12 series. Now, as iPhones support high-speed 5G networks, the Cupertino tech...

Check Out Oppo Find X2 League of Legends Special Edition Right Here

After much anticipation, Chinese phone maker, Oppo unveiled the second generation of its Find X series, the Oppo Find X2 and Find X2 Pro,...

apple: Apple fixes 6 malicious apps posing as Adobe Flash installers – Latest News

The malicious apps masquerading as Adobe Flash installer are not going to go away anytime soon as Apple has once again fixed six more...

smart speaker: Global smart speaker market to reach 163 million units in 2021: Report – Latest News

Led by Amazon Alexa and Google Assistant powered devices, the global smart speaker market (including smart displays) is set to reach 163 million units...