A serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks, has been discovered. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites (https://www.krackattacks.com for more details).
Which Endian products are affected?
- UTM Mini WiFi Series
How to fix your Endian?
Just update your appliance to the latest release, 5.0.4. Using Endian Network you can easily update all your customer appliances in a single click, providing security fixes and updates to all your managed networks.
RECOMMENDED: patch your WiFi clients (smartphone, notebook, etc) with the latest update from vendors, in order to completely remove your exposure to this attack ( https://github.com/kristate/krackinfo#vendor-response-complete )
CVE about this vulnerability
- CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
- CVE-2017-13078: reinstallation of the group key in the Four-way handshake
- CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
- CVE-2017-13080: reinstallation of the group key in the Group Key handshake
- CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
- CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it
- CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
- CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
- CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
Comments