Research Unveils 4.2 Million Hosts Exposed to Cyberattacks by Unsecured Tunneling Protocols



Security researchers have disclosed a new set of tunneling protocol vulnerabilities that could expose millions of internet-connected devices to a broad range of cyberattacks.

Tunneling packets used to hijack internet hosts

According to the research, the issue revolves around internet hosts that accept tunneling packets from any source, without checking whether the outer packet actually came from a configured tunnel peer.

This allows attackers to hijack such hosts, using them to breach the networks behind them and to relay attacks that appear to originate from the host rather than from the attacker.


The study, by Top10VPN in collaboration with KU Leuven professor and security researcher Mathy Vanhoef, revealed that the vulnerability affects as many as 4.2 million hosts.

VPNs, home routers, and CDN nodes affected

ISP home routers, VPN servers, mobile network gateways, content delivery network (CDN) nodes, and core internet routers are on the list of devices susceptible to the vulnerability.

As the research pointed out, Brazil, China, France, Japan, and the US are among the most affected countries.

In an attack scenario, threat actors could exploit the vulnerability to turn a susceptible device into a one-way proxy that forwards spoofed traffic on their behalf, and even use it to launch denial-of-service (DoS) attacks against third parties.

The anatomy of the flaw

The vulnerability stems from the way tunneling protocols such as 4in6, 6in4, IP6IP6 and GRE6 carry packets between networks: the encapsulation itself has no authentication, so the receiving host has no built-in way to tell a legitimate tunnel peer from a stranger.

Further complicating matters, these protocols provide no encryption or integrity protection of their own, and in practice they are often deployed without a protective layer such as IPsec around them.

An attacker can abuse these shortcomings to inject traffic into a tunnel by sending a packet with two IP headers, encapsulated with one of the affected protocols: the outer header is addressed to the vulnerable host, while the inner header carries a spoofed source address and the real target as destination. The host strips the outer header and forwards the inner packet as if it had originated from the tunnel.

Mitigating against attacks exploiting the flaw

Researchers recommend using protocols that authenticate and encrypt tunnel traffic, such as IPsec or WireGuard, to defend against attacks exploiting the vulnerability. With authentication in place, a host can reject tunneling packets from any source that is not a known peer.

Traffic filtering on routers and middleboxes, deep packet inspection (DPI), and blocking all unencrypted tunneling packets at the network edge are also highly encouraged as mitigation steps.
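To make the two-header injection described above and the "known peer" check recommended as a mitigation concrete, the following Python is an added example written for this page; it is not code from the research or from any affected vendor. It models a tunnel endpoint that accepts IPv4-in-IPv4 (IP protocol 4) and IPv6-in-IPv4 / 6in4 (IP protocol 41) packets, builds an attacker's double-header packet, and contrasts a naive decapsulator (forwards whatever is inside) with a checked one (only decapsulates when the outer source is a configured peer). All addresses, peers and payloads are made-up values from the documentation ranges.

```python
"""Toy model of vulnerable vs. checked tunnel decapsulation (added example).

The addresses below are constructed for illustration (RFC 5737 / RFC 3849
documentation ranges); they do not refer to any real host.
"""
import ipaddress
import struct
from typing import Optional, Set

IPPROTO_IPIP = 4    # IPv4-in-IPv4
IPPROTO_IPV6 = 41   # IPv6-in-IPv4 (6in4)

TUNNEL_HOST = "203.0.113.10"   # the tunnel endpoint being abused (made up)
TUNNEL_PEER = "192.0.2.99"     # its only legitimate tunnel peer (made up)
ATTACKER = "198.51.100.7"      # arbitrary internet host (made up)
VICTIM = "192.0.2.5"           # target the attacker wants to reach (made up)


def _checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header (no options) followed by the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", _checksum(hdr)) + hdr[12:] + payload


def build_ipv6(src: str, dst: str, next_header: int, payload: bytes, hop_limit: int = 64) -> bytes:
    """Fixed 40-byte IPv6 header followed by the payload."""
    return struct.pack("!IHBB16s16s", 0x60000000, len(payload), next_header, hop_limit,
                       ipaddress.IPv6Address(src).packed,
                       ipaddress.IPv6Address(dst).packed) + payload


def parse_ip(buf: bytes) -> dict:
    """Parse an IPv4 or IPv6 header into version, src, dst, proto and payload."""
    version = buf[0] >> 4
    if version == 4:
        ihl = (buf[0] & 0x0F) * 4
        if ihl < 20 or len(buf) < ihl:
            raise ValueError("truncated IPv4 header")
        total_len = struct.unpack("!H", buf[2:4])[0]
        return {"version": 4, "proto": buf[9],
                "src": str(ipaddress.IPv4Address(buf[12:16])),
                "dst": str(ipaddress.IPv4Address(buf[16:20])),
                "payload": buf[ihl:total_len]}
    if version == 6:
        if len(buf) < 40:
            raise ValueError("truncated IPv6 header")
        plen, nh = struct.unpack("!HB", buf[4:7])
        return {"version": 6, "proto": nh,
                "src": str(ipaddress.IPv6Address(buf[8:24])),
                "dst": str(ipaddress.IPv6Address(buf[24:40])),
                "payload": buf[40:40 + plen]}
    raise ValueError("unknown IP version %d" % version)


def decapsulate_naive(frame: bytes) -> Optional[dict]:
    """Vulnerable behaviour: strip the outer header and hand the inner packet on,
    no matter who sent the outer packet."""
    outer = parse_ip(frame)
    if outer["version"] == 4 and outer["proto"] in (IPPROTO_IPIP, IPPROTO_IPV6):
        return parse_ip(outer["payload"])
    return None


def decapsulate_checked(frame: bytes, peers: Set[str]) -> Optional[dict]:
    """Hardened behaviour: decapsulate only when the outer source address is a
    configured tunnel peer; anything else is dropped (returns None)."""
    outer = parse_ip(frame)
    if outer["version"] != 4 or outer["proto"] not in (IPPROTO_IPIP, IPPROTO_IPV6):
        return None
    if outer["src"] not in peers:
        return None  # unknown sender: drop rather than forward
    return parse_ip(outer["payload"])


def attacker_ipip_frame() -> bytes:
    """Two IPv4 headers: outer attacker -> host, inner spoofed as host -> victim."""
    inner = build_ipv4(TUNNEL_HOST, VICTIM, 17, b"constructed UDP payload")
    return build_ipv4(ATTACKER, TUNNEL_HOST, IPPROTO_IPIP, inner)


def attacker_6in4_frame() -> bytes:
    """Same trick with an IPv6 inner packet carried over 6in4."""
    inner = build_ipv6("2001:db8::abcd", "2001:db8::5", 58, b"\x80\x00" + b"\x00" * 6)
    return build_ipv4(ATTACKER, TUNNEL_HOST, IPPROTO_IPV6, inner)


def peer_frame() -> bytes:
    """Legitimate traffic from the configured peer, which must still get through."""
    inner = build_ipv4("10.0.0.1", "10.0.1.1", 6, b"constructed TCP payload")
    return build_ipv4(TUNNEL_PEER, TUNNEL_HOST, IPPROTO_IPIP, inner)


if __name__ == "__main__":
    print("naive  :", decapsulate_naive(attacker_ipip_frame()))
    print("checked:", decapsulate_checked(attacker_ipip_frame(), {TUNNEL_PEER}))
    print("peer   :", decapsulate_checked(peer_frame(), {TUNNEL_PEER}))
```

Running it shows the naive path emitting a packet whose source is the tunnel host and whose destination is the victim, which is exactly the one-way proxy the research describes; the checked path drops both attacker frames and still forwards the peer's traffic. The source-address check is the cheapest mitigation and maps directly onto a firewall rule that only admits protocol 4/41/47 packets from known peers, but it does not stop an attacker who can spoof the peer's address, which is why the researchers recommend an authenticated protocol such as IPsec or WireGuard rather than filtering alone.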