CVE-2017-13082

Published: 17/10/2017 Updated: 03/10/2019
CVSS v2 Base Score: 5.8 | Impact Score: 6.4 | Exploitability Score: 6.5
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 518
Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the Fast BSS Transition (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Vulnerable Product

freebsd freebsd 10.4

canonical ubuntu linux 17.04

opensuse leap 42.2

debian debian linux 8.0

freebsd freebsd 11

redhat enterprise linux server 7

redhat enterprise linux desktop 7

freebsd freebsd 11.1

freebsd freebsd 10

freebsd freebsd

opensuse leap 42.3

debian debian linux 9.0

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

w1.fi hostapd 1.1

w1.fi hostapd 1.0

w1.fi hostapd 0.5.9

w1.fi hostapd 0.5.8

w1.fi hostapd 0.3.11

w1.fi hostapd 0.3.10

w1.fi wpa supplicant 2.5

w1.fi wpa supplicant 2.4

w1.fi wpa supplicant 0.7.3

w1.fi wpa supplicant 0.6.10

w1.fi wpa supplicant 0.5.7

w1.fi wpa supplicant 0.4.11

w1.fi wpa supplicant 0.4.10

w1.fi wpa supplicant 0.3.8

w1.fi wpa supplicant 0.3.7

w1.fi hostapd 2.4

w1.fi hostapd 2.3

w1.fi hostapd 2.2

w1.fi hostapd 0.6.9

w1.fi hostapd 0.6.8

w1.fi hostapd 0.4.10

w1.fi hostapd 0.4.9

w1.fi hostapd 0.2.6

w1.fi hostapd 0.2.5

w1.fi wpa supplicant 2.1

w1.fi wpa supplicant 2.0

w1.fi wpa supplicant 0.5.11

w1.fi wpa supplicant 0.5.10

w1.fi wpa supplicant 0.4.7

w1.fi wpa supplicant 0.3.11

w1.fi wpa supplicant 0.2.6

w1.fi wpa supplicant 0.2.5

w1.fi hostapd 2.1

w1.fi hostapd 2.0

w1.fi hostapd 0.5.11

w1.fi hostapd 0.5.10

w1.fi hostapd 0.4.8

w1.fi hostapd 0.4.7

w1.fi hostapd 0.2.4

w1.fi wpa supplicant 2.6

w1.fi wpa supplicant 1.1

w1.fi wpa supplicant 1.0

w1.fi wpa supplicant 0.5.9

w1.fi wpa supplicant 0.5.8

w1.fi wpa supplicant 0.3.10

w1.fi wpa supplicant 0.3.9

w1.fi wpa supplicant 0.2.4

w1.fi hostapd 2.6

w1.fi hostapd 2.5

w1.fi hostapd 0.7.3

w1.fi hostapd 0.6.10

w1.fi hostapd 0.5.7

w1.fi hostapd 0.4.11

w1.fi hostapd 0.3.9

w1.fi hostapd 0.3.7

w1.fi hostapd 0.2.8

w1.fi wpa supplicant 2.3

w1.fi wpa supplicant 2.2

w1.fi wpa supplicant 0.6.9

w1.fi wpa supplicant 0.6.8

w1.fi wpa supplicant 0.4.9

w1.fi wpa supplicant 0.4.8

w1.fi wpa supplicant 0.2.8

w1.fi wpa supplicant 0.2.7

suse linux enterprise point of sale 11

suse linux enterprise server 11

suse linux enterprise desktop 12

suse linux enterprise server 12

suse openstack cloud 6

Vendor Advisories

Synopsis: Important: wpa_supplicant security update. Type/Severity: Security Advisory: Important. Topic: An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVS ...

Several security issues were fixed in wpa_supplicant ...

Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered multiple vulnerabilities in the WPA protocol, used for authentication in wireless networks. Those vulnerabilities apply to both the access point (implemented in hostapd) and the station (implemented in wpa_supplicant). An attacker exploiting the vulnerabilities could force t ...

A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) by retransmitting Fast BSS Transition (FT) Reassociation Re ...

A vulnerability has been discovered that allows accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key (PTK) while processing it ...

On October 16, 2017, a research paper with the title “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” was made publicly available. This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi Protected Access (WPA) and the Wi-Fi Protected Access II (WPA2) protocols. These vulnerabilities may allow the ...

Recent Articles

KRACK whacked, media playback holes packed, other bugs go splat in Android patch pact
The Register • Shaun Nichols in San Francisco • 07 Nov 2017

Update your firmware ASAP to avoid being hacked

Google has released its November security update for Android, addressing a bag of security holes. You should install them as soon as they are available for your phone, tablet and other gadgets. Depending on your mobile carrier and device manufacturer, they may arrive immediately, soon, late or never. Among the holes covered by the release is the KRACK Wi-Fi key reinstallation flaw that made headlines last month after researchers described how the flaw could potentially allow eavesdropping on nea...

WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug
The Register • Richard Chirgwin • 16 Oct 2017

Strap yourselves in readers, Wi-Fi may be cooked

Updated A promo for the upcoming Association for Computing Machinery security conference has set infosec types all a-Twitter over the apparent cryptographic death of the WPA2 authentication scheme widely used to secure Wi-Fi connections. The authors of the paper have everything ready except the details of their disclosure: acceptance at the ACM Conference on Computer and Communications Security (CCS) for their paper Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, a timeslot (during the ...

References

CWE-330
https://www.krackattacks.com/
http://www.kb.cert.org/vuls/id/228519
http://www.securitytracker.com/id/1039581
http://www.securitytracker.com/id/1039573
http://www.securitytracker.com/id/1039571
http://www.securitytracker.com/id/1039570
http://www.securityfocus.com/bid/101274
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
https://support.lenovo.com/us/en/product_security/LEN-17420
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
https://access.redhat.com/security/vulnerabilities/kracks
https://access.redhat.com/errata/RHSA-2017:2907
http://www.ubuntu.com/usn/USN-3455-1
http://www.debian.org/security/2017/dsa-3999
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
https://github.com/vanhoefm/krackattacks-test-ap-ft
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697
https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html
https://nvd.nist.gov
https://usn.ubuntu.com/3455-1/
https://www.kb.cert.org/vuls/id/228519