Multiple vulnerabilities in ESP-IDF
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 |
| CWE-ID | CWE-320 |
| Exploitation vector | Local network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #5 is available. Public exploit code for vulnerability #6 is available. |
| Vulnerable software Subscribe |
ESP-IDF Server applications / Other server solutions |
| Vendor | Espressif Systems |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Key management errors
EUVDB-ID: #VU8837
Risk: High
CVSSv3.1:
CVE-ID: CVE-2017-13077
CWE-ID:
CWE-320 - Key Management Errors
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to force a supplicant to reinstall a previously used pairwise key.
The weakness exists in the processing of the 802.11i 4-way handshake messages of the WPA and WPA2 protocols due to ambiguities in the processing of associated protocol messages. An adjacent attacker can use man-in-the-middle techniques to retransmit previously used message exchanges between supplicant and authenticator.
Install update from vendor's website.
Vulnerable software versionsESP-IDF: 5.0 - 5.0
CPE2.3 External linkshttp://github.com/espressif/esp-idf/releases/tag/v5.0.1
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
2) Key management errors
EUVDB-ID: #VU8838
Risk: High
CVSSv3.1:
CVE-ID: CVE-2017-13078
CWE-ID:
CWE-320 - Key Management Errors
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to force a supplicant to reinstall a previously used group key.
The weakness exists in the processing of the 802.11i 4-way handshake messages of the WPA and WPA2 protocols due to ambiguities in the processing of associated protocol messages. An adjacent attacker can use man-in-the-middle techniques to retransmit previously used message exchanges between supplicant and authenticator.
Install update from vendor's website.
Vulnerable software versionsESP-IDF: 5.0 - 5.0
CPE2.3 External linkshttp://github.com/espressif/esp-idf/releases/tag/v5.0.1
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
3) Key management errors
EUVDB-ID: #VU8839
Risk: High
CVSSv3.1:
CVE-ID: CVE-2017-13079
CWE-ID:
CWE-320 - Key Management Errors
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to force a supplicant to reinstall a previously used integrity group key.
The weakness exists in the processing of the 802.11i 4-way handshake messages of the WPA and WPA2 protocols due to ambiguities in the processing of associated protocol messages. An adjacent attacker can use man-in-the-middle techniques to retransmit previously used message exchanges between supplicant and authenticator.
Install update from vendor's website.
Vulnerable software versionsESP-IDF: 5.0 - 5.0
CPE2.3 External linkshttp://github.com/espressif/esp-idf/releases/tag/v5.0.1
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
4) Key management errors
EUVDB-ID: #VU8840
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2017-13080
CWE-ID:
CWE-320 - Key Management Errors
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to force a supplicant to reinstall a previously used group key.
The weakness exists in the processing of the 802.11i 4-way handshake messages of the WPA and WPA2 protocols due to ambiguities in the processing of associated protocol messages. An adjacent attacker can use man-in-the-middle techniques to retransmit previously used message exchanges between supplicant and authenticator.
The vulnerability is dubbed "KRACK" attack.
Install update from vendor's website.
Vulnerable software versionsESP-IDF: 5.0 - 5.0
CPE2.3 External linkshttp://github.com/espressif/esp-idf/releases/tag/v5.0.1
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
5) Key management errors
EUVDB-ID: #VU8841
Risk: High
CVSSv3.1:
CVE-ID: CVE-2017-13081
CWE-ID:
CWE-320 - Key Management Errors
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to force a supplicant to reinstall a previously used integrity group key.
The weakness exists in the processing of the 802.11i 4-way handshake messages of the WPA and WPA2 protocols due to ambiguities in the processing of associated protocol messages. An adjacent attacker can use man-in-the-middle techniques to retransmit previously used message exchanges between supplicant and authenticator.
Install update from vendor's website.
Vulnerable software versionsESP-IDF: 5.0 - 5.0
CPE2.3 External linkshttp://github.com/espressif/esp-idf/releases/tag/v5.0.1
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
6) Key management errors
EUVDB-ID: #VU8842
Risk: High
CVSSv3.1:
CVE-ID: CVE-2017-13082
CWE-ID:
CWE-320 - Key Management Errors
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to force a supplicant to reinstall a previously used pairwise key.
The weakness exists in the processing of the 802.11i 4-way handshake messages of the WPA and WPA2 protocols due to ambiguities in the processing of associated protocol messages. An adjacent attacker can use man-in-the-middle techniques to retransmit previously used message exchanges between supplicant and authenticator.
Install update from vendor's website.
Vulnerable software versionsESP-IDF: 5.0 - 5.0
CPE2.3 External linkshttp://github.com/espressif/esp-idf/releases/tag/v5.0.1
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
