A cyber security researcher from University of Leuven (KU Leuven), has identified a severe flaw in the Wi-Fi Protected Access II (WPA2) protocol that secures most of the modern protected Wi-Fi networks at home and businesses world wide.
To make things even worse this vulnerability is not associated to a piece of software or hardware but affects the WPA2 WI-FI protocol itself.
This type of attack allows cyber criminals to break the encryption of WPA2 protocol ,view and analyze the formerly encrypted traffic and even inject packets into a victim's data, forging web traffic.
By having this much ability to cause harm, hackers have the availability to to view their attackers web , steal their usernames and passwords, and
A list of available products and updates will be available in this US-CERT advisory Page that will go live in the following hours. Note: No updates are available at the time of publishing this blog.
The following Common Vulnerability Exposure (CVE) identifiers will help your your cyber security team determine wehteher your devices have received patches for the WPA2 flaws.
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
To find out how your cyber security team can use ServiceNow SecOps Vulnerability Response to mitigate these rules please click here.
Share on Facebook
Share on Twitter
I'm busy working on my blog posts. Watch this space!