CVE-2017-13078

Published: 17/10/2017 Updated: 03/10/2019
CVSS v2 Base Score: 2.9 | Impact Score: 2.9 | Exploitability Score: 5.5
CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6
VMScore: 259
Vector: AV:A/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

Vulnerable Product

freebsd freebsd 10

freebsd freebsd 10.4

opensuse leap 42.3

opensuse leap 42.2

debian debian linux 9.0

debian debian linux 8.0

canonical ubuntu linux 14.04

redhat enterprise linux server 7

freebsd freebsd 11

freebsd freebsd 11.1

redhat enterprise linux desktop 7

freebsd freebsd

canonical ubuntu linux 17.04

canonical ubuntu linux 16.04

w1.fi hostapd 2.0

w1.fi hostapd 1.1

w1.fi hostapd 0.5.10

w1.fi hostapd 0.5.9

w1.fi hostapd 0.4.7

w1.fi hostapd 0.3.11

w1.fi wpa supplicant 2.6

w1.fi wpa supplicant 2.5

w1.fi wpa supplicant 1.0

w1.fi wpa supplicant 0.7.3

w1.fi wpa supplicant 0.5.8

w1.fi wpa supplicant 0.5.7

w1.fi wpa supplicant 0.4.11

w1.fi wpa supplicant 0.3.9

w1.fi wpa supplicant 0.3.8

w1.fi hostapd 2.5

w1.fi hostapd 2.4

w1.fi hostapd 2.3

w1.fi hostapd 0.6.10

w1.fi hostapd 0.6.9

w1.fi hostapd 0.4.11

w1.fi hostapd 0.4.10

w1.fi hostapd 0.2.8

w1.fi hostapd 0.2.6

w1.fi wpa supplicant 2.2

w1.fi wpa supplicant 2.1

w1.fi wpa supplicant 0.6.8

w1.fi wpa supplicant 0.5.11

w1.fi wpa supplicant 0.4.8

w1.fi wpa supplicant 0.4.7

w1.fi wpa supplicant 0.2.7

w1.fi wpa supplicant 0.2.6

w1.fi hostapd 2.2

w1.fi hostapd 2.1

w1.fi hostapd 0.6.8

w1.fi hostapd 0.5.11

w1.fi hostapd 0.4.9

w1.fi hostapd 0.4.8

w1.fi hostapd 0.2.5

w1.fi hostapd 0.2.4

w1.fi wpa supplicant 2.0

w1.fi wpa supplicant 1.1

w1.fi wpa supplicant 0.5.10

w1.fi wpa supplicant 0.5.9

w1.fi wpa supplicant 0.3.11

w1.fi wpa supplicant 0.3.10

w1.fi wpa supplicant 0.2.5

w1.fi wpa supplicant 0.2.4

w1.fi hostapd 2.6

w1.fi hostapd 1.0

w1.fi hostapd 0.7.3

w1.fi hostapd 0.5.8

w1.fi hostapd 0.5.7

w1.fi hostapd 0.3.10

w1.fi hostapd 0.3.9

w1.fi hostapd 0.3.7

w1.fi wpa supplicant 2.4

w1.fi wpa supplicant 2.3

w1.fi wpa supplicant 0.6.10

w1.fi wpa supplicant 0.6.9

w1.fi wpa supplicant 0.4.10

w1.fi wpa supplicant 0.4.9

w1.fi wpa supplicant 0.3.7

w1.fi wpa supplicant 0.2.8

suse linux enterprise point of sale 11

suse linux enterprise desktop 12

suse linux enterprise server 12

suse openstack cloud 6

suse linux enterprise server 11

Vendor Advisories

Synopsis: Important: wpa_supplicant security update. Type/Severity: Security Advisory: Important. Topic: An update for wpa_supplicant is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVS ...
Synopsis: Important: wpa_supplicant security update. Type/Severity: Security Advisory: Important. Topic: An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVS ...
Debian Bug report logs - #869639: firmware-brcm80211: BroadPwn vulnerability CVE-2017-9417. Package: firmware-brcm80211; Maintainer for firmware-brcm80211 is Debian Kernel Team <debian-kernel@lists.debian.org>; Source for firmware-brcm80211 is src:firmware-nonfree (PTS, buildd, popcon). Reported by: Mark Robinson <mark@zl2to ...
Several security issues were fixed in wpa_supplicant ...
Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities apply to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant). An attacker exploiting the vulnerabilities could force t ...
A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a 4-way handshake ...
On October 16, 2017, a research paper with the title “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” was made publicly available. This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi Protected Access (WPA) and the Wi-Fi Protected Access II (WPA2) protocols. These vulnerabilities may allow the ...
A vulnerability has been discovered that allows reinstallation of the group key (GTK) in the 4-way handshake ...
A potential security vulnerability has been identified with certain HP Printers and MFPs, and HP JetDirect Networking accessories using WPA or WPA2. This vulnerability known as Key Reinstallation Attacks or “KRACK attacks” which could potentially be exploited remotely to allow disclosure of information ...
Potential security vulnerabilities have been identified with certain versions of Intel Active Management Technology, Management Engine Firmware, and Management Engine Software. The Cumulative Security update and WPA2 vulnerability fix impacts ME versions 11.x, 10.x, 9.x, and 8.x. The Cumulative Security fix addresses vulnerabilities that c ...
On October 16, security researchers publicly announced vulnerabilities in the WiFi WPA2 standard. See the References section below for links to additional resources describing the KRACK Attacks WPA2 potential vulnerabilities in detail. The HP printing devices and networking accessories listed below are susceptible to the applicable vulnerabilities ...

Github Repositories

WPA2 KRACK attack

This project contains scripts to test if clients or access points (APs) are affected by the KRACK attack against WPA2. For details behind this attack see our website and the research paper. Remember that our scripts are not attack scripts! You will need the appropriate network credentials in order to test if an access point or client is affected by the KRACK attack. Prerequisit

This project contains scripts to test if clients or access points (APs) are affected by the KRACK attack against WPA2. For details behind this attack see our website and the research paper. Remember that our scripts are not attack scripts! You will need the appropriate network credentials in order to test if an access point or client is affected by the KRACK attack. 21 January

Recent Articles

KRACK whacked, media playback holes packed, other bugs go splat in Android patch pact
The Register • Shaun Nichols in San Francisco • 07 Nov 2017

Update your firmware ASAP to avoid being hacked

Google has released its November security update for Android, addressing a bag of security holes. You should install them as soon as they are available for your phone, tablet and other gadgets. Depending on your mobile carrier and device manufacturer, they may arrive immediately, soon, late or never. Among the holes covered by the release is the KRACK Wi-Fi key reinstallation flaw that made headlines last month after researchers described how the flaw could potentially allow eavesdropping on nea...

WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug
The Register • Richard Chirgwin • 16 Oct 2017

Strap yourselves in readers, Wi-Fi may be cooked

Updated A promo for the upcoming Association for Computing Machinery security conference has set infosec types all a-Twitter over the apparent cryptographic death of the WPA2 authentication scheme widely used to secure Wi-Fi connections. The authors of the paper have everything ready except the details of their disclosure: acceptance at the ACM Conference on Computer and Communications Security (CCS) for their paper Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, a timeslot (during the ...

References

CWE-330
https://www.krackattacks.com/
http://www.kb.cert.org/vuls/id/228519
http://www.securitytracker.com/id/1039585
http://www.securitytracker.com/id/1039581
http://www.securitytracker.com/id/1039578
http://www.securitytracker.com/id/1039577
http://www.securitytracker.com/id/1039576
http://www.securitytracker.com/id/1039573
http://www.securityfocus.com/bid/101274
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
https://support.lenovo.com/us/en/product_security/LEN-17420
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
https://access.redhat.com/security/vulnerabilities/kracks
https://access.redhat.com/errata/RHSA-2017:2911
https://access.redhat.com/errata/RHSA-2017:2907
http://www.ubuntu.com/usn/USN-3455-1
http://www.debian.org/security/2017/dsa-3999
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html
https://security.gentoo.org/glsa/201711-03
https://support.apple.com/HT208222
https://support.apple.com/HT208221
https://support.apple.com/HT208220
https://support.apple.com/HT208219
https://source.android.com/security/bulletin/2017-11-01
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://cert.vde.com/en-us/advisories/vde-2017-003
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
https://usn.ubuntu.com/3455-1/
https://nvd.nist.gov
https://www.kb.cert.org/vuls/id/228519