CVE-2017-13086

CVE-2017-13086 affects WPA/WPA2, specifically the TDLS handshake where the TDLS PeerKey (TPK) can be reinstalled. The root cause is key reinstallation during the TDLS handshake, enabling an attacker within radio range to replay, decrypt, or spoof frames. This vulnerability is documented across mu...

CVE-2017-13086

Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Tunneled Direct-Link Setup TDLS Peer Key TPK during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...

ALPINE-CVE-2017-13077

Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Pairwise Transient Key PTK Temporal Key TK during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames...

WPA2 Wireless Network Hibernation Mode Group Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A group key reload vulnerability exists in the WPA2 wireless network hibernation mode. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to cause rando...

WPA2 Wireless Network STK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. WPA2 wireless networks suffer from a group key reload vulnerability in the PeerKey handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to caus...

WPA2 Wireless Network PTK-TK Encryption Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. WPA2 wireless networks suffer from a PTK-TK key reloading vulnerability in the fourth handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to...

WPA2 Wireless Network GTK Group Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. WPA2 wireless networks suffer from a GTK group key reload vulnerability in the fourth handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to...

WPA2 wireless network IGTK group key reloading vulnerability (CNVD-2017-30402)

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. An IGTK group key reload vulnerability exists in WPA2 wireless networks. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to cause random number and...

WPA2 Wireless Network GTK Group Key Reinstallation Vulnerability (CNVD-2017-30403)

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A GTK group key reload vulnerability exists in WPA2 wireless networks. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to cause random number and...

WPA2 Wireless Network PTK-TK Encryption Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A PTK-TK encryption key reloading vulnerability exists in WPA2 wireless networks when receiving and processing retransmitted fast BSS transition re-association requests. The vulnerability is due to the fact that...

WPA2 Wireless Network TPK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. A TPK key vulnerability exists in WPA2 wireless networks when reinstalling a tunneled direct connection setting PeerKey in the TDLS handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II...

WPA2 Wireless Network Hibernation Mode IGTK Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. An IGTK key integrity reload vulnerability exists in the WPA2 wireless network hibernation mode. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to...

WPA2 Wireless Network IGTK Group Key Reinstallation Vulnerability

WPA Wi-Fi Protected Access is a system for securing wireless computer networks Wi-Fi. An IGTK group key reload vulnerability exists in the WPA2 wireless network fourth handshake. The vulnerability is due to the fact that Wi-Fi Protected Access II WPA2 handshake traffic can be manipulated to cause...

Cisco Wireless IP Phone 8821 Multiple WPA2 Vulnerabilities

Cisco Wireless IP Phone 8821 is prone to key reinstallation attacks against WPA protocol. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

Cisco Aironet Access Points Multiple WPA2 Vulnerabilities

Cisco Aironet Access Points are prone to key reinstallation attacks against WPA protocol. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...

CVE-2017-13088

A new exploitation technique called key reinstallation attacks KRACK affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used integrity group key IGTK durin...

Key Reinstallation Attacks: Cryptographic/protocol attack against WPA2

Several vulnerabilities affect the Wi-Fi Protected Access II WPA2 protocol, potentially enabling Man-in-the-Middle MitM attacks between Wifi Clients and Access Points running WPA2 . The impact includes decryption, packet replay, TCP connection hijacking and HTTP content injection...

Hitachi HIBUN Confidential File Decryption Program Untrustworthy Search Path Vulnerability (CNVD-2017-30835)

Hitachi HIBUN Confidential File Decryption program is a set of confidential file confidentiality program from Hitachi Solutions Japan. An untrustworthy search path vulnerability exists in Hitachi HIBUN Confidential File Decryption program versions prior to 10.50.0.5. The vulnerability can be...

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Overview Wi-Fi Protected Access WPA, more commonly WPA2 handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point AP or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to...

[ASA-201710-22] wpa_supplicant: man-in-the-middle

Arch Linux Security Advisory ASA-201710-22 ========================================== Severity: High Date : 2017-10-16 CVE-ID : CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13087 CVE-2017-13088 Package : wpasupplicant Type : man-in-the-middle...