CVSS3: 8.1 High
Attack Vector: ADJACENT_NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS2: 5.8 Medium
Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P
EPSS: 0.004 Low
Percentile: 72.4%
ATTENTION: Low skill level is needed to exploit. Public exploits are available.
Vendor: PEPPERL+FUCHS/ecom instruments
Equipment: WLAN capable devices using the WPA2 Protocol
Vulnerabilities: Reusing a Nonce
PEPPERL+FUCHS/ecom instruments reports that these vulnerabilities affect all versions of the following WLAN capable devices using the WPA2 Protocol:
Successful exploitation of these vulnerabilities could allow an attacker to operate as a “man-in-the-middle” between the device and the wireless access point.
PEPPERL+FUCHS/ecom instruments reports the following mitigations:
Android
Windows
For more information, CERT@VDE has released a security advisory, found at:
<https://cert.vde.com/de-de/advisories/vde-2017-005>
NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available in the ICS‑CERT Technical Information Paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.
Multiple products are affected by key reinstallation attacks known as KRACK. The four-way handshake traffic in the Wi-Fi Protected Access (WPA and WPA2) protocol can be manipulated to allow nonce reuse, resulting in key reinstallation. This could allow an attacker within radio range to execute a “man-in-the-middle” attack and replay, decrypt, or spoof frames.
The following CVEs have been assigned to this group of vulnerabilities:
CVE-2017-13077: Reinstallation of the pairwise key during the four-way handshake.
CVE-2017-13078: Reinstallation of the group key during the four-way handshake.
CVE-2017-13079: Reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake.
CVE-2017-13080: Reinstallation of the group key during the group key handshake.
CVE-2017-13081: Reinstallation of the IGTK during the group key handshake.
CVE-2017-13082: Reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transition (FT) handshake.
CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake.
CVE-2017-13087: Reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: Reinstallation of the IGTK when processing a WNM Sleep Mode Response frame.
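Why reinstalling a key that is already in use leads to nonce reuse, and how refusing the reinstallation prevents it, shown as an added example that is not part of the advisory or of any vendor's code. The `Station` class, the `guard_reinstall` switch, the sample key and frames are constructed for illustration, and a SHA-256 based keystream stands in for CCMP's AES counter mode.

```python
import hashlib

def keystream(tk: bytes, pn: int, n: int) -> bytes:
    # Toy stand-in for CCMP's AES counter mode: output depends only on (TK, PN).
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(tk + pn.to_bytes(6, "big") + bytes([block])).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Station:
    """Hypothetical model of a client's pairwise-key state."""

    def __init__(self, guard_reinstall: bool):
        self.guard_reinstall = guard_reinstall
        self.tk = None      # installed temporal key
        self.pn = 0         # transmit packet number (the per-frame nonce)
        self.seen = set()   # (TK, PN) pairs already used to encrypt

    def on_message3(self, tk: bytes) -> bool:
        """Process handshake message 3; return True if the key was (re)installed."""
        if self.guard_reinstall and tk == self.tk:
            return False              # key already in use: keep the current PN
        self.tk, self.pn = tk, 0      # installation resets the packet number
        return True

    def send(self, plaintext: bytes):
        """Encrypt one frame; return (PN, ciphertext, nonce_reused)."""
        self.pn += 1
        reused = (self.tk, self.pn) in self.seen
        self.seen.add((self.tk, self.pn))
        return self.pn, xor(plaintext, keystream(self.tk, self.pn, len(plaintext))), reused

def simulate(guard_reinstall: bool):
    """One frame, a retransmitted message 3, then a second frame."""
    tk = bytes(range(16))             # constructed sample key
    sta = Station(guard_reinstall)
    sta.on_message3(tk)
    first = sta.send(b"setpoint=0042")
    sta.on_message3(tk)               # retransmission of message 3
    second = sta.send(b"setpoint=0977")
    return first, second

if __name__ == "__main__":
    for guard in (False, True):
        (pn1, _, _), (pn2, _, reused) = simulate(guard)
        print(f"guard={guard}: PNs {pn1},{pn2} nonce_reused={reused}")
```

Without the guard both frames are encrypted under the same (TK, PN) pair, so the XOR of the two ciphertexts equals the XOR of the two plaintexts; with the guard the packet number keeps counting and each frame gets a fresh keystream.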
A CVSS v3 base score of 8.1 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
Mathy Vanhoef of imec-DistriNet, KU Leuven discovered these vulnerabilities. PEPPERL+FUCHS reported to CERT@VDE that their products are affected. CERT@VDE coordinated these vulnerabilities with ICS-CERT.
Critical Infrastructure Sectors: Communications, Critical Manufacturing, Information Technology
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Germany
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13077
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13078
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13079
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13080
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13081
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13082
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13086
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13087
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13088
cert.vde.com/de-de/advisories/vde-2017-005
cwe.mitre.org/data/definitions/323.html