CAPEC-615: Evil Twin Wi-Fi Attack
Adversaries install Wi-Fi equipment that acts as a legitimate Wi-Fi network access point. When a device connects to this access point, Wi-Fi data traffic is intercepted, captured, and analyzed. This also allows the adversary to use "adversary-in-the-middle" (CAPEC-94) for all communications.
Last updated
Overview
CAPEC-615 (Evil Twin Wi-Fi Attack) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
What the attacker needs
Prerequisites
- None
Consequences
What a successful CAPEC-615 attack can achieve.
Read Data
Affects: Confidentiality
Intercept and control Wi-Fi data communications to/from mobile device.
How to mitigate it
Defenses that reduce the risk of CAPEC-615.
- Commercial defensive technology that monitors for rogue Wi-Fi access points, adversary-in-the-middle attacks, and anomalous activity with the mobile device baseband radios.
Frequently asked questions
Common questions about CAPEC-615.
- What is CAPEC-615?
- Adversaries install Wi-Fi equipment that acts as a legitimate Wi-Fi network access point. When a device connects to this access point, Wi-Fi data traffic is intercepted, captured, and analyzed. This also allows the adversary to use "adversary-in-the-middle" (CAPEC-94) for all communications.
- How do you prevent CAPEC-615?
- Commercial defensive technology that monitors for rogue Wi-Fi access points, adversary-in-the-middle attacks, and anomalous activity with the mobile device baseband radios.
- What weaknesses does CAPEC-615 target?
- CAPEC-615 exploits 1 CWE weakness, including CWE-300 (Channel Accessible by Non-Endpoint).
- How severe is CAPEC-615?
- MITRE rates CAPEC-615 as Low severity.
References
Attack-pattern data is sourced from the MITRE CAPEC catalog (v3.9). Weakness associations link to the corresponding CWE entries on RadicalNotion.AI.
Defend against CAPEC-615
Track the CVEs and weaknesses attackers exploit with this technique, with AI-written analysis and remediation guidance.