October 16, 2017

Several Key Vulnerabilities Found in WPA2 Security Protocol

Several key vulnerabilities have been found in the Wi-Fi Protected Access II (WPA2) security protocol that may allow cybercriminals to eavesdrop on Wi-Fi traffic between computers and access points. If exploited, attackers may take control of affected systems to conduct attacks such as packet replay, TCP connection hijacking, HTTP content injection, arbitrary packet decryption, and more. 
 
The following vulnerabilities in the WPA2 protocol have been disclosed: 
  • CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
  • CVE-2017-13078: reinstallation of the group key in the Four-way handshake
  • CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
  • CVE-2017-13080: reinstallation of the group key in the Group Key handshake
  • CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
  • CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it
  • CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
  • CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
  • CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
  • CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
Currently, it is believed that all WPA2 wireless networking may be affected as these vulnerabilities are not found to be within individual WPA2 implementations. 

Required Action

At this time, Herjavec Group does not believe that these vulnerabilities may result in a widespread attack. However we highly recommend users to install updates to affected products as they become available. A list of all the vendors with affected products and the necessary updates can be found here. In addition, we also recommend that the standard security protocols are followed when browsing online, i.e. if transmitting any confidential data, ensure that the websites are SSL-secured (website URL will show ‘https’ instead of ‘http’). 
 
We are currently monitoring this alert and will communicate any updates as they are available. 

If you have questions or concerns, please connect with a Herjavec Group security specialist


About Herjavec Group

Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. Herjavec Group delivers SOC 2 Type 2 certified managed security services supported by state-of-the-art, PCI compliant, Security Operations Centers, operated 24/7/365 by certified security professionals. This expertise is coupled with leadership positions across a wide range of functions including consulting, professional services & incident response. Herjavec Group has offices globally including across the United States, the United Kingdom, and Canada. For more information, visit www.herjavecgroup.com.

Stay Informed 

  rhsm-3  Follow us on Twitter

  rhsm-2  Connect with us on LinkedIn

 

*By selecting one of the communications above, you consent to Herjavec Group
 sending commercial electronic messages to you for marketing purposes, including information about the products, services and events selected.