Vulnerability identifier: #VU8844
Vulnerability risk: High
CVSSv3.1: 9.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:U/RC:C]
CVE-ID:
CWE-ID:
CWE-320
Exploitation vector: Local network
Exploit availability: No
Description
The vulnerability allows an adjacent attacker to force an STSL to reinstall a previously used STK.
The weakness exists in the processing of the 802.11i 4-way PeerKey handshake messages of the WPA and WPA2 protocols due to ambiguities in the processing of associated protocol messages. An adjacent attacker can use man-in-the-middle techniques to retransmit previously used messages exchanges between stations.
External links
http://www.krackattacks.com/
http://papers.mathyvanhoef.com/ccs2017.pdf
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.