CVE-2017-13077

EPSS 2.4%

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 2.4%KEV nãoPoC —Patch referenciado

Ciclo de vida

17 oct 2017Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Productos afectados

Wi-Fi Alliance · Wi-Fi Protected Access (WPA and WPA2)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://access.redhat.com/errata/RHSA-2017:2907 https://access.redhat.com/errata/RHSA-2017:2911 https://access.redhat.com/security/vulnerabilities/kracks https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf https://cert.vde.com/en-us/advisories/vde-2017-003 https://cert.vde.com/en-us/advisories/vde-2017-005 https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc https://security.gentoo.org/glsa/201711-03 https://source.android.com/security/bulletin/2017-11-01 https://source.android.com/security/bulletin/2018-04-01 https://source.android.com/security/bulletin/2018-06-01