“An attacker within the wireless communications range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocol being used. Impacts may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.”
The vulnerabilities in question were discovered by Mathy Vanhoef, a security researcher at KU Leuven. Initial notifications were sent to select Wi-Fi hardware manufacturers on July 14th, 2017, with CERT issuing broad notification to all affected manufacturers on August 28th, 2017. Upon CERT's notification to all manufacturers, a security embargo was put into effect, preventing public disclosure of the vulnerabilities in order to allow manufacturers time to develop patches. The vulnerabilities were then publicly disclosed on October 16th, 2017.
- CERT Vulnerability Note, VU#228519, to include affected vendors.
- KU Leuven security researcher website
Infrastructure Vendor Advisories:
- Aruba Networks: http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
- CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
- CVE-2017-13078: reinstallation of the group key in the Four-way handshake
- CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
- CVE-2017-13080: reinstallation of the group key in the Group Key handshake
- CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
- CVE-2017-13082: accepting a retransmitted Fast BSS Transition Re-association Request and reinstalling the pairwise key while processing it
- CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
- CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
- CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
- CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
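Every entry in the list above is a variant of one defect: a handshake message is accepted a second time, the same key is installed again, and the per-packet nonce counter that the cipher depends on is reset. The model below is an added example written for this advisory (it is not code from the researcher, CERT, or any vendor) and covers only the supplicant's handling of the four-way handshake's message 3 (CVE-2017-13077). The key value, the frame sequence and the `Supplicant` class are constructed for illustration; the "hardened" branch mirrors the published fix approach of remembering that a key is already in use and declining to reinstall it, while still treating the retransmission as a valid message.

```python
"""Model of why reinstalling a pairwise key is dangerous (added example).

A CCMP/GCMP packet number (PN) is the nonce counter; it is reset to zero
whenever a key is installed. Installing the same key twice therefore makes
the client encrypt new frames with nonces it has already used.
"""
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Supplicant:
    """Simplified client state for one association (constructed, not a real driver)."""
    installed_ptk: Optional[bytes] = None   # key currently loaded into the (modelled) driver
    tx_pn: int = 0                          # CCMP packet number, used as the nonce counter
    hardened: bool = False                  # True = do not reinstall an already installed key
    sent_nonces: List[int] = field(default_factory=list)

    def install_ptk(self, ptk: bytes) -> bool:
        """Load ptk into the driver and reset the packet number.

        Returns True when an install actually happened. The hardened path keeps
        the retransmitted message valid but skips the reinstall, so the nonce
        counter keeps counting upward.
        """
        if self.hardened and self.installed_ptk == ptk:
            return False
        self.installed_ptk = ptk
        self.tx_pn = 0   # nonce counter reset: the root of the problem
        return True

    def on_msg3(self, ptk: bytes) -> bool:
        """Handle EAPOL-Key message 3, which may legitimately be retransmitted."""
        return self.install_ptk(ptk)

    def send_frame(self) -> int:
        """Encrypt one data frame: consume the next packet number and record it."""
        self.tx_pn += 1
        self.sent_nonces.append(self.tx_pn)
        return self.tx_pn


def nonce_reused(supp: Supplicant) -> bool:
    """True if any packet number was used for more than one frame under the same key."""
    return len(supp.sent_nonces) != len(set(supp.sent_nonces))


def simulate(hardened: bool, retransmit_msg3: bool) -> Supplicant:
    """Run msg3, two data frames, an optional retransmitted msg3, then two more frames."""
    supp = Supplicant(hardened=hardened)
    key = b"\x11" * 16   # constructed sample key, not a real PTK
    supp.on_msg3(key)
    supp.send_frame()
    supp.send_frame()
    if retransmit_msg3:
        supp.on_msg3(key)   # identical key delivered again, as on a retransmission
    supp.send_frame()
    supp.send_frame()
    return supp


if __name__ == "__main__":
    for hardened in (False, True):
        s = simulate(hardened=hardened, retransmit_msg3=True)
        print("hardened" if hardened else "vulnerable", s.sent_nonces, "reuse:", nonce_reused(s))
```

Running it shows the vulnerable client emitting packet numbers 1, 2, 1, 2 after the duplicate message 3, while the hardened client continues 1, 2, 3, 4. Real implementations split this logic between the supplicant and the driver, which is why the patches land in both places.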
rmsource recommends the following:
- Seek out security patching information from Wi-Fi hardware manufacturers
- Ensure that wireless solutions use AES-CCMP rather than WPA-TKIP or GCMP for wireless encryption and connectivity.
- Avoid using public wireless hotspots until further analysis and patches have been issued
- Use secure (encrypted) services, such as TLS 1.2-enabled websites, when connected to WiFi
- Use wired network connectivity over WiFi when available
- Use cellular network connectivity over WiFi when available
- Utilize VPN connectivity (split-tunneling disabled) when connected to WiFi networks.
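The cipher recommendation above is easy to get wrong on an access point because the offered ciphers come from two settings with inherited defaults. The following is an added example written for this advisory, not code from rmsource or the hostapd project; it checks a hostapd-style `key=value` configuration and assumes, from the hostapd.conf documentation, that `wpa_pairwise` defaults to `TKIP` and that `rsn_pairwise` defaults to whatever `wpa_pairwise` holds. The three configurations are constructed samples: a weak one, a corrected one, and one that looks WPA2-only but still offers TKIP through inheritance.

```python
"""Audit hostapd-style configuration for discouraged pairwise ciphers (added example)."""
from typing import Dict, List, Tuple

DISCOURAGED = {"TKIP", "GCMP"}   # the advisory recommends AES-CCMP instead of these

# Constructed sample: offers TKIP under WPA and GCMP under WPA2.
WEAK_CONF = """
interface=wlan0
ssid=corp-demo
wpa=3
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP GCMP
"""

# Constructed sample: WPA2 only, CCMP only.
FIXED_CONF = """
interface=wlan0
ssid=corp-demo
wpa=2
rsn_pairwise=CCMP
"""

# Constructed sample: WPA2 only, but rsn_pairwise is unset and inherits TKIP.
INHERIT_CONF = """
interface=wlan0
ssid=corp-demo
wpa=2
wpa_pairwise=TKIP CCMP
"""


def parse_hostapd(text: str) -> Dict[str, str]:
    """Parse key=value lines; lines starting with '#' are comments."""
    conf: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf


def audit_ciphers(text: str) -> List[Tuple[str, str]]:
    """Return (setting, cipher) pairs for every discouraged cipher actually offered.

    Defaults applied here are assumptions taken from the hostapd.conf comments:
    wpa_pairwise defaults to TKIP and rsn_pairwise inherits wpa_pairwise.
    """
    conf = parse_hostapd(text)
    wpa_mode = int(conf.get("wpa", "0"))        # bit 0 = WPA (v1), bit 1 = WPA2/RSN
    wpa_pw = conf.get("wpa_pairwise", "TKIP")
    rsn_pw = conf.get("rsn_pairwise", wpa_pw)

    offered: List[Tuple[str, str]] = []
    if wpa_mode & 1:
        offered.append(("wpa_pairwise", wpa_pw))
    if wpa_mode & 2:
        offered.append(("rsn_pairwise", rsn_pw))

    findings: List[Tuple[str, str]] = []
    for setting, ciphers in offered:
        for cipher in ciphers.split():
            # "GCMP-256" and similar variants share the base name before the dash.
            if cipher.upper().split("-")[0] in DISCOURAGED:
                findings.append((setting, cipher))
    return findings


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("fixed", FIXED_CONF), ("inherit", INHERIT_CONF)):
        print(name, audit_ciphers(conf) or "OK")
```

The inheritance case is the one worth remembering: setting `wpa=2` alone does not remove TKIP if `wpa_pairwise` still lists it and `rsn_pairwise` is absent.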
Affected vendors were informed of WPA2 KRACK vulnerabilities on Aug 28th, 2017 and have been working to develop patches for affected systems.
Patches are forthcoming and availability is still limited at the time of this writing.
rmsource recommends monitoring bulletins issued by affected vendors and applying all patches associated with WPA2 KRACK immediately upon release.