CVE-2017-13077

EPSS 2.4%

Vexday Risk Score

3Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS —EPSS 2.4%KEV nãoPoC —Patch referenciado

Ciclo de vida

17 out 2017Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Produtos afetados

Wi-Fi Alliance · Wi-Fi Protected Access (WPA and WPA2)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://access.redhat.com/errata/RHSA-2017:2907 https://access.redhat.com/errata/RHSA-2017:2911 https://access.redhat.com/security/vulnerabilities/kracks https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf https://cert.vde.com/en-us/advisories/vde-2017-003 https://cert.vde.com/en-us/advisories/vde-2017-005 https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc https://security.gentoo.org/glsa/201711-03 https://source.android.com/security/bulletin/2017-11-01 https://source.android.com/security/bulletin/2018-04-01 https://source.android.com/security/bulletin/2018-06-01