UDTSecure Threat Advisory - ID: 1037974

UDTSecure Threat Advisory – ID: 1037974

CVE Reference: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084,CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
Date: October 16th, 2017
Status: Confirmed
Fix Available: Partial (vendor dependent)
Impact: WPA2 weaknesses allow decryption of traffic, connection hijacking, and injection of malicious content.
Security Rating: CRITICAL

Overview
Wi-Fi Protected Access II (WPA2) has multiple vulnerabilities which allow attackers to decrypt traffic, hijack connections, and inject malicious content for users of WPA2 networks.

WPA2 handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities after establishing a man-in-the-middle position to conduct a variety of attacks and steal sensitive information such as usernames and passwords, credit card numbers, social security numbers, e-mails, etc.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks.

Affected Software:
Because these are vulnerabilities in the WPA2 protocol itself, rather than an implementation of the standard, all products that correctly implement WPA2 are likely affected.

Recommendation:
Users should install updates to affected products and hosts as soon as they become available. Unless a known patch has been applied, assume that all WPA2 enabled Wi-Fi devices are vulnerable.

If it is possible, users with vulnerable access points or clients should avoid using Wi-Fi until patches are made available for the affected device. If it is not possible to avoid using Wi-Fi, it is recommended to use HTTPS, SSH, or other reliable protocols to encrypt traffic. Use of virtual private networks (VPNs) can be an added safety measure when implemented properly. Consider changing passwords for accounts/devices that have recently been accessed over a Wi-Fi network using WPA2 via a vulnerable device (the WPA password itself cannot be obtained using this attack).

Underlying Affected Products:
All products that correctly implement WPA2 are likely affected. Linux and Android 6.0 and above are at a greater risk of having their data decrypted; macOS and Windows are also affected to a lesser extent. We highly recommend you visit each vendor’s website for products and/or system components that are applicable to your environment and infrastructure for more specific information on remediation of these vulnerabilities.

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

K12 Budgeting: Planning Your 1:1 Device Refresh Program Cost

As K12 education evolves, managing 1:1 device programs effectively is crucial. These programs, providing each student with a personal computing device, play a pivotal role in modern education. Success demands strategic planning, communication, foresight, and a holistic approach to device management. With digital learning on the rise, these devices are more than just tools for accessing information; they are platforms for interactive, core learning experiences. However, funding remains a significant hurdle, making effective budgeting for your device refresh program essential for optimizing ROI and device longevity.

Crafting a Futureproof 1:1 Device Strategy for School Districts

In the evolving landscape of Education Technology, crafting a futureproof 1:1 device strategy is crucial. This strategy should link every student, teacher, and administrator experience with specific device specifications. The integration of educational apps into the curriculum can significantly enhance the learning environment. These apps, tailored to the needs of students, can provide interactive content, fostering a dynamic learning experience.

Optimizing Your K12 Tech Investments: Funding 1:1 Device Programs

This blog will guide school districts grappling with the financial and resource demands of implementing a successful 1:1 device program amid ongoing challenges of budget constraints and competing priorities. Our guided workbook, created in partnership with Intel, provides further support with personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

K12 Cybersecurity: How to Secure 1:1 Devices in Your School District

This blog post delves into the importance of security, cybersecurity, and data privacy in school districts implementing 1:1 device initiatives. It offers basic steps for evaluating, planning, and executing a security strategy. Our guided workbook, created in partnership with Intel, provides a personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

Lost & Stolen Devices are a Serious Data Security Threat—Here’s Why

Since the pandemic, remote and hybrid work has become the norm. While mobile devices and remote workstations have empowered great flexibility, it has also led to an increase in data security problems due to lost, misplaced, or stolen devices. Find out how remote and hybrid setups are contributing to this problem and how to protect yourself and your organization.

Ransomware Gangs Adding Pressure with ‘Swatting’ Attacks—Here’s What You Need to Know

Ransomware gangs are implementing new extortion tactics to encourage victims to pay up. Swatting is becoming an increasingly popular tactic. It involves calling law enforcement to falsely report a serious, in-progress crime triggering an extreme response such as an armed raid from the SWAT team. Explore how cybercriminals are using this tactic and what you can do to prevent it from happening to you.