Several Key Vulnerabilities Found in WPA2 Security Protocol

October 16, 2017

Several key vulnerabilities have been found in the Wi-Fi Protected Access II (WPA2) security protocol that may allow cybercriminals to eavesdrop on Wi-Fi traffic between computers and access points. If exploited, attackers may take control of affected systems to conduct attacks such as packet replay, TCP connection hijacking, HTTP content injection, arbitrary packet decryption, and more.

The following vulnerabilities in the WPA2 protocol have been disclosed:

CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
CVE-2017-13078: reinstallation of the group key in the Four-way handshake
CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
CVE-2017-13080: reinstallation of the group key in the Group Key handshake
CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it
CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

Currently, it is believed that all WPA2 wireless networking may be affected as these vulnerabilities are not found to be within individual WPA2 implementations.

Required Action

At this time, Herjavec Group does not believe that these vulnerabilities may result in a widespread attack. However we highly recommend users to install updates to affected products as they become available. A list of all the vendors with affected products and the necessary updates can be found here. In addition, we also recommend that the standard security protocols are followed when browsing online, i.e. if transmitting any confidential data, ensure that the websites are SSL-secured (website URL will show 'https' instead of 'http').

We are currently monitoring this alert and will communicate any updates as they are available.

If you have questions or concerns, please connect with a Herjavec Group security specialist.

About Herjavec Group

Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. Herjavec Group delivers SOC 2 Type 2 certified managed security services supported by state-of-the-art, PCI compliant, Security Operations Centers, operated 24/7/365 by certified security professionals. This expertise is coupled with leadership positions across a wide range of functions including consulting, professional services & incident response. Herjavec Group has offices globally including across the United States, the United Kingdom, and Canada. For more information, visit www.herjavecgroup.com.

Stay Informed

Connect with us on LinkedIn

Subscribe to Herjavec Group News

About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Connect with us on LinkedIn