New 'AirSnitch' Attack Reveals Wi-Fi Client Isolation May Offer False Security

A team of researchers from UC Riverside has developed attacks capable of bypassing client isolation in Wi-Fi networks commonly used in homes, workplaces, airports, and coffee shops.

The team, which includes four computer scientists from Riverside and one from KU Leuven in Belgium, discovered that every router and network they examined was vulnerable to at least one type of attack. Their findings are detailed in a paper titled AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks, which was presented at the NDSS Symposium 2026.

Understanding Wi-Fi Client Isolation

Wi-Fi client isolation, also referred to as Access Point (AP) isolation or station isolation, is a security feature designed to prevent Wi-Fi clients from intercepting, transmitting, or injecting traffic to other clients within the same wireless local area network.

When client isolation is enabled, the AP's primary function of directing traffic from the source to the destination is restricted. This limitation prevents direct connections between devices on the network, allowing connections only to the router. The rule still permits most legitimate activities, while helping to prevent malware from spreading, blocking eavesdropping on public Wi-Fi, and obstructing threats like port scanning and ARP spoofing.

Vulnerabilities Identified by Researchers

According to the researchers, the ability to bypass isolation stems from the absence of standardization in client isolation protocols. They state, “We believe that a root cause of these vulnerabilities is the missing standardization of client isolation. This defense was added by vendors without proper public review.” This lack of standardization results in inconsistent, ad hoc, and often incomplete implementations across different vendors.

The researchers identified three main weaknesses in the implementation of client isolation that facilitated their attacks:

  1. Abusing GTK Attack: The management of Wi-Fi keys that protect broadcast frames is flawed, allowing attackers to bypass client isolation. Most Wi-Fi implementations use a shared group temporal key for broadcast or multicast communications, which all clients have access to during client isolation. The researchers note, “This key can be abused by an insider to directly inject packets to victims, bypassing client isolation at the AP.”
  2. Gateway Bouncing Attack: Isolation is often enforced at the MAC or IP layer, but not both. The researchers explain, “An attacker can inject packets to a victim by using the AP’s gateway MAC address as the layer 2 destination, while using the victim’s IP address as the layer 3 destination.” This means that if the gateway does not enforce client isolation at the IP layer, it will forward the datagram to the victim client.
  3. Machine-in-the-Middle (MitM) Attack: Weak synchronization of a client’s identity across the network stack allows an attacker to bypass Wi-Fi client isolation at the network layer. This enables interception of both uplink and downlink traffic from other clients and internal backend devices. By spoofing the victim’s MAC address, an attacker can intercept downlink frames, and can impersonate internal backend devices to capture uplink traffic. The researchers remark, “Surprisingly, even though this results in client-to-client traffic, it is often allowed by the network.”
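
The cross-layer gap behind the Gateway Bouncing weakness (item 2) can be seen from the defender's side in a small filter model. This is an added example, not code from the paper or any vendor; the MAC and IP addresses, the `Frame` record and the verdict names are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values (not from the paper or any vendor).
GATEWAY_MAC = "02:00:00:00:00:01"
CLIENTS = {  # associated client MAC -> leased IP
    "02:00:00:00:00:aa": "192.168.50.10",  # station A
    "02:00:00:00:00:bb": "192.168.50.20",  # station B
}


@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    dst_ip: str


def isolation_verdict(frame, clients=CLIENTS, check_l3=True):
    """Return the action an isolating AP/gateway takes on a client's frame."""
    src, dst = frame.src_mac.lower(), frame.dst_mac.lower()
    dst_ip = ipaddress.ip_address(frame.dst_ip)
    other_ips = {ipaddress.ip_address(ip)
                 for mac, ip in clients.items() if mac != src}

    # Layer 2 rule: frame addressed directly to another client's MAC.
    if dst in clients and dst != src:
        return "drop-l2"
    # Layer 3 rule: frame addressed to the gateway MAC, but whose IP
    # destination is another wireless client (the bounce pattern).
    if check_l3 and dst == GATEWAY_MAC and dst_ip in other_ips:
        return "drop-l3-bounce"
    return "forward"


SAMPLE_FRAMES = [  # constructed traffic, all sent by wireless clients
    Frame("02:00:00:00:00:aa", "02:00:00:00:00:bb", "192.168.50.20"),
    Frame("02:00:00:00:00:aa", GATEWAY_MAC, "192.168.50.20"),
    Frame("02:00:00:00:00:aa", GATEWAY_MAC, "203.0.113.7"),
    Frame("02:00:00:00:00:bb", GATEWAY_MAC, "192.168.50.1"),
]


def evaluate(check_l3):
    """Verdicts for the sample frames with or without the layer-3 rule."""
    return [isolation_verdict(f, check_l3=check_l3) for f in SAMPLE_FRAMES]


if __name__ == "__main__":
    print("L2 only :", evaluate(check_l3=False))
    print("L2 + L3 :", evaluate(check_l3=True))
```

With only the layer-2 rule, the second sample frame is forwarded to the other client; enabling the layer-3 rule drops it while ordinary Internet and gateway traffic still passes.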

While not all Wi-Fi networks are vulnerable to all three attacks, the researchers found no network that was immune to all of them. The findings were responsibly shared with manufacturers, who were given more than 90 days to develop fixes prior to publication. However, the researchers caution that creating comprehensive solutions for all Wi-Fi networks will be challenging.

They stated, “Because our attacks exploit multiple protocols, standards, and their cross-layer interactions, it is difficult for a single vendor to recognize the full security impact in isolation. As a result, effective long-term mitigation requires ecosystem-level coordination across standards bodies, device manufacturers, and network operators.”
