CVE-2017-13087
wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
Severity Score
5.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11r permite la reinstalación de la clave GTK (Group Temporal Key) cuando se procesa un frame Wireless Network Management (WNM) Sleep Mode Response, haciendo que un atacante que se sitúe dentro del radio reproduzca frames desde los puntos de acceso hasta los clientes.
A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used group key (GTK) during a Wireless Network Management (WNM) Sleep Mode handshake.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-08-22 CVE Reserved
- 2017-10-16 CVE Published
- 2024-08-05 CVE Updated
- 2024-09-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-323: Reusing a Nonce, Key Pair in Encryption
- CWE-330: Use of Insufficiently Random Values
CAPEC
References (27)
| URL | Tag | Source |
|---|---|---|
| http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt | Third Party Advisory | |
| http://www.kb.cert.org/vuls/id/228519 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/101274 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039573 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039576 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039577 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039578 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039581 | Third Party Advisory | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf | X_refsource_confirm |
|
| https://cert.vde.com/en-us/advisories/vde-2017-005 | X_refsource_confirm | |
| https://source.android.com/security/bulletin/2017-11-01 | X_refsource_confirm | |
| https://support.lenovo.com/us/en/product_security/LEN-17420 | Third Party Advisory | |
| https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt | Third Party Advisory | |
| https://www.krackattacks.com | Technical Description |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 17.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "17.04" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | * | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10 Search vendor "Freebsd" for product "Freebsd" and version "10" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10.4 Search vendor "Freebsd" for product "Freebsd" and version "10.4" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11 Search vendor "Freebsd" for product "Freebsd" and version "11" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.1 Search vendor "Freebsd" for product "Freebsd" and version "11.1" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.2 Search vendor "Opensuse" for product "Leap" and version "42.2" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.3 Search vendor "Opensuse" for product "Leap" and version "42.3" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Desktop Search vendor "Redhat" for product "Enterprise Linux Desktop" | 7 Search vendor "Redhat" for product "Enterprise Linux Desktop" and version "7" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 7 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.2.4 Search vendor "W1.fi" for product "Hostapd" and version "0.2.4" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.2.5 Search vendor "W1.fi" for product "Hostapd" and version "0.2.5" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.2.6 Search vendor "W1.fi" for product "Hostapd" and version "0.2.6" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.2.8 Search vendor "W1.fi" for product "Hostapd" and version "0.2.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.3.7 Search vendor "W1.fi" for product "Hostapd" and version "0.3.7" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.3.9 Search vendor "W1.fi" for product "Hostapd" and version "0.3.9" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.3.10 Search vendor "W1.fi" for product "Hostapd" and version "0.3.10" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.3.11 Search vendor "W1.fi" for product "Hostapd" and version "0.3.11" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.4.7 Search vendor "W1.fi" for product "Hostapd" and version "0.4.7" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.4.8 Search vendor "W1.fi" for product "Hostapd" and version "0.4.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.4.9 Search vendor "W1.fi" for product "Hostapd" and version "0.4.9" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.4.10 Search vendor "W1.fi" for product "Hostapd" and version "0.4.10" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.4.11 Search vendor "W1.fi" for product "Hostapd" and version "0.4.11" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.5.7 Search vendor "W1.fi" for product "Hostapd" and version "0.5.7" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.5.8 Search vendor "W1.fi" for product "Hostapd" and version "0.5.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.5.9 Search vendor "W1.fi" for product "Hostapd" and version "0.5.9" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.5.10 Search vendor "W1.fi" for product "Hostapd" and version "0.5.10" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.5.11 Search vendor "W1.fi" for product "Hostapd" and version "0.5.11" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.6.8 Search vendor "W1.fi" for product "Hostapd" and version "0.6.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.6.9 Search vendor "W1.fi" for product "Hostapd" and version "0.6.9" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.6.10 Search vendor "W1.fi" for product "Hostapd" and version "0.6.10" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 0.7.3 Search vendor "W1.fi" for product "Hostapd" and version "0.7.3" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 1.0 Search vendor "W1.fi" for product "Hostapd" and version "1.0" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 1.1 Search vendor "W1.fi" for product "Hostapd" and version "1.1" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 2.0 Search vendor "W1.fi" for product "Hostapd" and version "2.0" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 2.1 Search vendor "W1.fi" for product "Hostapd" and version "2.1" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 2.2 Search vendor "W1.fi" for product "Hostapd" and version "2.2" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 2.3 Search vendor "W1.fi" for product "Hostapd" and version "2.3" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 2.4 Search vendor "W1.fi" for product "Hostapd" and version "2.4" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 2.5 Search vendor "W1.fi" for product "Hostapd" and version "2.5" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | Hostapd Search vendor "W1.fi" for product "Hostapd" | 2.6 Search vendor "W1.fi" for product "Hostapd" and version "2.6" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.2.4 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.4" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.2.5 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.5" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.2.6 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.6" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.2.7 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.7" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.2.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.2.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.3.7 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.7" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.3.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.3.9 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.9" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.3.10 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.10" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.3.11 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.3.11" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.4.7 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.7" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.4.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.4.9 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.9" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.4.10 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.10" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.4.11 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.4.11" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.5.7 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.7" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.5.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.5.9 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.9" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.5.10 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.10" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.5.11 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.5.11" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.6.8 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.6.8" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.6.9 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.6.9" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.6.10 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.6.10" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 0.7.3 Search vendor "W1.fi" for product "WPA Supplicant" and version "0.7.3" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 1.0 Search vendor "W1.fi" for product "WPA Supplicant" and version "1.0" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 1.1 Search vendor "W1.fi" for product "WPA Supplicant" and version "1.1" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 2.0 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.0" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 2.1 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.1" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 2.2 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.2" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 2.3 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.3" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 2.4 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.4" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 2.5 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.5" | - |
Affected
| ||||||
| W1.fi Search vendor "W1.fi" | WPA Supplicant Search vendor "W1.fi" for product "WPA Supplicant" | 2.6 Search vendor "W1.fi" for product "WPA Supplicant" and version "2.6" | - |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop" | 12 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "12" | sp2 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop" | 12 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "12" | sp3 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Point Of Sale Search vendor "Suse" for product "Linux Enterprise Point Of Sale" | 11 Search vendor "Suse" for product "Linux Enterprise Point Of Sale" and version "11" | sp3 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | sp3, ltss |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | sp4 |
Affected
| ||||||
| Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | ltss |
Affected
| ||||||
| Suse Search vendor "Suse" | Openstack Cloud Search vendor "Suse" for product "Openstack Cloud" | 6 Search vendor "Suse" for product "Openstack Cloud" and version "6" | - |
Affected
| ||||||