Cato CTRL Threat Brief: CVE-2024-3661 – VPN Vulnerability (“TunnelVision”)
CATO Networks
MAY 23, 2024
Researchers have labeled this technique ‘decloaking’ as while the VPN tunnel remains connected, it allows attackers to trick many VPN clients into sending traffic via a side channel and not through the encrypted tunnel. The malicious server is configured to use itself as the default gateway.
Let's personalize your content