Intel Active Management Technology WPA2 Key Reinstallation Vulnerabilities - KRACK

2017-10-1900:00:00

plugins.openvas.org

6.8 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

7.5 High

AI Score

Confidence

Low

5.4 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.4%

JSON

WPA2 as used in Intel Active Management Technology is prone to multiple security weaknesses aka Key Reinstallation Attacks (KRACK)

# SPDX-FileCopyrightText: 2017 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/o:intel:active_management_technology_firmware";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.107191");
  script_version("2023-08-18T16:09:48+0000");
  script_tag(name:"last_modification", value:"2023-08-18 16:09:48 +0000 (Fri, 18 Aug 2023)");
  script_tag(name:"creation_date", value:"2017-10-19 13:48:56 +0700 (Thu, 19 Oct 2017)");
  script_tag(name:"cvss_base", value:"5.4");
  script_tag(name:"cvss_base_vector", value:"AV:A/AC:M/Au:N/C:P/I:P/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2019-10-03 00:03:00 +0000 (Thu, 03 Oct 2019)");

  script_cve_id("CVE-2017-13077", "CVE-2017-13078", "CVE-2017-13080");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_tag(name:"solution_type", value:"Mitigation");

  script_name("Intel Active Management Technology WPA2 Key Reinstallation Vulnerabilities - KRACK");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2017 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("gb_intel_amt_webui_detect.nasl");
  script_mandatory_keys("intel_amt/installed");

  script_tag(name:"summary", value:"WPA2 as used in Intel Active Management Technology is prone to multiple security weaknesses aka Key Reinstallation Attacks (KRACK)");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"affected", value:"Intel AMT firmware versions 2.5.x, 2.6, 4.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.0-11.8.");

  script_tag(name:"solution", value:"Intel is targeting an updated firmware release to System Manufacturers in early November 2017 to address the identified WPA2 vulnerabilities.
  Please contact System Manufacturers to ascertain availability of the updated firmware for their impacted systems.
  Until the firmware update is deployed, configuring Active Management Technology in TLS Mode to encrypt manageability
  network traffic is considered a reasonable mitigation for remote network man-in-the-middle or eavesdropping attacks.");

  script_xref(name:"URL", value:"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00101.html");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (!port = get_app_port(cpe: CPE))
  exit(0);

if (!version = get_app_version(cpe: CPE, port: port))
  exit(0);

if (version_is_less(version: version, test_version: "8")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "None Available");
  security_message(port: port, data: report);
  exit(0);
}

if (version =~ "^(8(\.[0-9]+)?|9(\.[0-9]+)?|10(\.[0-9]+)?)" || version_in_range(version: version, test_version: "11.0", test_version2: "11.8")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "See Vendor");
  security_message(port: port, data: report);
  exit(0);
}

exit(99);