Hrack Attack – Wi-Fi vulnerability affecting WPA

WEP has been considered to be a flawed encryption and WiFi implementations have always concentrated on implementing WPA Encryption standard so as to ensure a secure WiFi communication channel.
By: Microworld Technologies Inc
 
 
Spread the Word
Listed Under

Tags:
* Wpa
* Krack Attack
* Escan

Industry:
* Technology

Location:
* Novi - Michigan - US

NOVI, Mich. - Oct. 18, 2017 - PRLog -- WEP has been considered to be a flawed encryption and WiFi implementations have always concentrated on implementing WPA Encryption standard so as to ensure a secure WiFi communication channel. However, recently researchers Mathy Vanhoef and Frank Piessens, from the University of Leuven, have found multiple flaws in WPA encryption which would allow hackers to decode the traffic and inject malicious packets into the secure WPA communications channel.

The vulnerabilities in itself are related to the WPA protocol standard which allows the attackers to force the devices to reissue the nonce effectively forcing the devices to initiate Key Reissue Attacks (KRACK).

This weakness in the protocol allows the attackers to sniff the traffic traversing between the devices and access-points while the worst case scenario is an injection of malware into websites. The vulnerability affects all devices running on Windows, MacOS, iOS, Android, and Linux. Due to the devastating implications of this vulnerability, Vendors have been quick to respond and made available patches to mitigate these vulnerabilities.

Identifiers:

1. CVE-2017-13077

2. CVE-2017-13078

3. CVE-2017-13079

4. CVE-2017-13080

5. CVE-2017-13081

6. CVE-2017-13082

7. CVE-2017-13084

8. CVE-2017-13086

9. CVE-2017-13087

10. CVE-2017-13088

More can be read about this research over here https://www.krackattacks.com/

Vendors:

Microsoft:


https://portal.msrc.microsoft.com/en-US/security-guidance...

Ubuntu:

https://usn.ubuntu.com/usn/usn-3455-1/

Redhat:

https://access.redhat.com/security/cve/cve-2017-13080

Intel:

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr

Advisory:

1: Patch your devices as and when the patches are made available

2: Since this is a protocol-level vulnerability, changing password wouldn't help in mitigating the attacks.

For more information, please visit - https://www.escanav.com/

Media Contact
39555 Orchard Hill Place, Suite 600
Novi, MI 48375
***@escanav.com
12483745020
End
Email:***@escanav.com Email Verified
Tags:Wpa, Krack Attack, Escan
Industry:Technology
Location:Novi - Michigan - United States
Account Email Address Verified     Account Phone Number Verified     Disclaimer     Report Abuse
eScan Anti-Virus News
Trending
Most Viewed
Daily News



Like PRLog?
9K2K1K
Click to Share