CVE-2017-13077

wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake

Severity Score

6.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Wi-Fi Protected Access (WPA y WPA2) permite la reinstalación de la clave temporal (TK) PTK (Pairwise Transient Key) durante la negociación en cuatro pasos, haciendo que un atacante que se sitúe entro del radio responda, descifre o suplante frames.

A new exploitation technique called key reinstallation attacks (KRACKs) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) during a 4-way handshake.

*Credits: N/A

CVSS Scores

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Adjacent

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-08-22 CVE Reserved
2017-10-16 CVE Published
2023-04-18 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-323: Reusing a Nonce, Key Pair in Encryption
CWE-330: Use of Insufficiently Random Values

CAPEC

References (37)

URL	Tag	Source
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt	Third Party Advisory
http://www.kb.cert.org/vuls/id/228519	Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	X_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	X_refsource_confirm
http://www.securityfocus.com/bid/101274	Third Party Advisory
http://www.securitytracker.com/id/1039573	Third Party Advisory
http://www.securitytracker.com/id/1039576	Third Party Advisory
http://www.securitytracker.com/id/1039577	Third Party Advisory
http://www.securitytracker.com/id/1039578	Third Party Advisory
http://www.securitytracker.com/id/1039581	Third Party Advisory
http://www.securitytracker.com/id/1039585	Third Party Advisory
http://www.securitytracker.com/id/1041432	Vdb Entry
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf	X_refsource_confirm
https://cert.vde.com/en-us/advisories/vde-2017-003	X_refsource_confirm
https://cert.vde.com/en-us/advisories/vde-2017-005	X_refsource_confirm
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html	Mailing List
https://source.android.com/security/bulletin/2017-11-01	X_refsource_confirm
https://source.android.com/security/bulletin/2018-04-01	X_refsource_confirm
https://source.android.com/security/bulletin/2018-06-01	X_refsource_confirm
https://support.apple.com/HT208219	X_refsource_confirm
https://support.apple.com/HT208220	X_refsource_confirm
https://support.apple.com/HT208221	X_refsource_confirm
https://support.apple.com/HT208222	X_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us	X_refsource_confirm
https://support.lenovo.com/us/en/product_security/LEN-17420	Third Party Advisory
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt	Third Party Advisory
https://www.krackattacks.com	Technical Description

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.debian.org/security/2017/dsa-3999	2019-10-03
http://www.ubuntu.com/usn/USN-3455-1	2019-10-03
https://access.redhat.com/errata/RHSA-2017:2907	2019-10-03
https://access.redhat.com/errata/RHSA-2017:2911	2019-10-03
https://access.redhat.com/security/vulnerabilities/kracks	2017-10-18
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc	2019-10-03
https://security.gentoo.org/glsa/201711-03	2019-10-03
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa	2019-10-03
https://access.redhat.com/security/cve/CVE-2017-13077	2017-10-18
https://bugzilla.redhat.com/show_bug.cgi?id=1491692	2017-10-18

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				17.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "17.04"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0"		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				*		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				10 Search vendor "Freebsd" for product "Freebsd" and version "10"		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				10.4 Search vendor "Freebsd" for product "Freebsd" and version "10.4"		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				11 Search vendor "Freebsd" for product "Freebsd" and version "11"		-		Affected
Freebsd Search vendor "Freebsd"		Freebsd Search vendor "Freebsd" for product "Freebsd"				11.1 Search vendor "Freebsd" for product "Freebsd" and version "11.1"		-		Affected
Opensuse Search vendor "Opensuse"		Leap Search vendor "Opensuse" for product "Leap"				42.2 Search vendor "Opensuse" for product "Leap" and version "42.2"		-		Affected
Opensuse Search vendor "Opensuse"		Leap Search vendor "Opensuse" for product "Leap"				42.3 Search vendor "Opensuse" for product "Leap" and version "42.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop"				7 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server"				7 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.2.4 Search vendor "W1.fi" for product "Hostapd" and version "0.2.4"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.2.5 Search vendor "W1.fi" for product "Hostapd" and version "0.2.5"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.2.6 Search vendor "W1.fi" for product "Hostapd" and version "0.2.6"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.2.8 Search vendor "W1.fi" for product "Hostapd" and version "0.2.8"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.3.7 Search vendor "W1.fi" for product "Hostapd" and version "0.3.7"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.3.9 Search vendor "W1.fi" for product "Hostapd" and version "0.3.9"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.3.10 Search vendor "W1.fi" for product "Hostapd" and version "0.3.10"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.3.11 Search vendor "W1.fi" for product "Hostapd" and version "0.3.11"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.4.7 Search vendor "W1.fi" for product "Hostapd" and version "0.4.7"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.4.8 Search vendor "W1.fi" for product "Hostapd" and version "0.4.8"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.4.9 Search vendor "W1.fi" for product "Hostapd" and version "0.4.9"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.4.10 Search vendor "W1.fi" for product "Hostapd" and version "0.4.10"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.4.11 Search vendor "W1.fi" for product "Hostapd" and version "0.4.11"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.5.7 Search vendor "W1.fi" for product "Hostapd" and version "0.5.7"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.5.8 Search vendor "W1.fi" for product "Hostapd" and version "0.5.8"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.5.9 Search vendor "W1.fi" for product "Hostapd" and version "0.5.9"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.5.10 Search vendor "W1.fi" for product "Hostapd" and version "0.5.10"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.5.11 Search vendor "W1.fi" for product "Hostapd" and version "0.5.11"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.6.8 Search vendor "W1.fi" for product "Hostapd" and version "0.6.8"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.6.9 Search vendor "W1.fi" for product "Hostapd" and version "0.6.9"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.6.10 Search vendor "W1.fi" for product "Hostapd" and version "0.6.10"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				0.7.3 Search vendor "W1.fi" for product "Hostapd" and version "0.7.3"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				1.0 Search vendor "W1.fi" for product "Hostapd" and version "1.0"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				1.1 Search vendor "W1.fi" for product "Hostapd" and version "1.1"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				2.0 Search vendor "W1.fi" for product "Hostapd" and version "2.0"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				2.1 Search vendor "W1.fi" for product "Hostapd" and version "2.1"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				2.2 Search vendor "W1.fi" for product "Hostapd" and version "2.2"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				2.3 Search vendor "W1.fi" for product "Hostapd" and version "2.3"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				2.4 Search vendor "W1.fi" for product "Hostapd" and version "2.4"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				2.5 Search vendor "W1.fi" for product "Hostapd" and version "2.5"		-		Affected
W1.fi Search vendor "W1.fi"		Hostapd Search vendor "W1.fi" for product "Hostapd"				2.6 Search vendor "W1.fi" for product "Hostapd" and version "2.6"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.2.4 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.4"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.2.5 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.5"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.2.6 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.6"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.2.7 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.7"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.2.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.8"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.3.7 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.7"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.3.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.8"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.3.9 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.9"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.3.10 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.10"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.3.11 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.11"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.4.7 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.7"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.4.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.8"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.4.9 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.9"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.4.10 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.10"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.4.11 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.11"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.5.7 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.7"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.5.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.8"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.5.9 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.9"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.5.10 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.10"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.5.11 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.11"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.6.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.6.8"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.6.9 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.6.9"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.6.10 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.6.10"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				0.7.3 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.7.3"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				1.0 Search vendor "W1.fi" for product "WPA Supplicant" and version "1.0"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				1.1 Search vendor "W1.fi" for product "WPA Supplicant" and version "1.1"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				2.0 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.0"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				2.1 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.1"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				2.2 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.2"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				2.3 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.3"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				2.4 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.4"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				2.5 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.5"		-		Affected
W1.fi Search vendor "W1.fi"		WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant"				2.6 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.6"		-		Affected
Suse Search vendor "Suse"		Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop"				12 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "12"		sp2		Affected
Suse Search vendor "Suse"		Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop"				12 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "12"		sp3		Affected
Suse Search vendor "Suse"		Linux Enterprise Point Of Sale Search vendor "Suse" for product "Linux Enterprise Point Of Sale"				11 Search vendor "Suse" for product "Linux Enterprise Point Of Sale" and version "11"		sp3		Affected
Suse Search vendor "Suse"		Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server"				11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11"		sp3, ltss		Affected
Suse Search vendor "Suse"		Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server"				11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11"		sp4		Affected
Suse Search vendor "Suse"		Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server"				12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12"		ltss		Affected
Suse Search vendor "Suse"		Openstack Cloud Search vendor "Suse" for product "Openstack Cloud"				6 Search vendor "Suse" for product "Openstack Cloud" and version "6"		-		Affected