CVE-2017-13080
Summary
| CVE | CVE-2017-13080 |
|---|---|
| State | PUBLISHED |
| Assigner | certcc |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-10-17 13:29:00 UTC |
| Updated | 2025-04-20 01:37:25 UTC |
| Description | Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients. |
Risk And Classification
Primary CVSS: v3.0 5.3 MEDIUM from [email protected]
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Problem Types: CWE-323 | CWE-330 | CWE-323 CWE-323: Reusing a Nonce, Key Pair in Encryption
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.0 | [email protected] | Primary | 5.3 | MEDIUM | CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
| 2.0 | [email protected] | Primary | 2.9 | AV:A/AC:M/Au:N/C:N/I:P/A:N |
CVSS v3.0 Breakdown
Attack Vector
AdjacentAttack Complexity
HighPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
HighAvailability
NoneCVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS v2.0 Breakdown
Access Vector
AdjacentAccess Complexity
MediumAuthentication
NoneConfidentiality
NoneIntegrity
PartialAvailability
NoneAV:A/AC:M/Au:N/C:N/I:P/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 17.04 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Freebsd | Freebsd | All | All | All | All |
| Operating System | Freebsd | Freebsd | 10 | All | All | All |
| Operating System | Freebsd | Freebsd | 10.4 | All | All | All |
| Operating System | Freebsd | Freebsd | 11 | All | All | All |
| Operating System | Freebsd | Freebsd | 11.1 | All | All | All |
| Operating System | Opensuse | Leap | 42.2 | All | All | All |
| Operating System | Opensuse | Leap | 42.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7 | All | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | sp2 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Point Of Sale | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | All | All | All |
| Operating System | Suse | Openstack Cloud | 6 | All | All | All |
| Application | W1.fi | Hostapd | 0.2.4 | All | All | All |
| Application | W1.fi | Hostapd | 0.2.5 | All | All | All |
| Application | W1.fi | Hostapd | 0.2.6 | All | All | All |
| Application | W1.fi | Hostapd | 0.2.8 | All | All | All |
| Application | W1.fi | Hostapd | 0.3.10 | All | All | All |
| Application | W1.fi | Hostapd | 0.3.11 | All | All | All |
| Application | W1.fi | Hostapd | 0.3.7 | All | All | All |
| Application | W1.fi | Hostapd | 0.3.9 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.10 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.11 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.7 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.8 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.9 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.10 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.11 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.7 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.8 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.9 | All | All | All |
| Application | W1.fi | Hostapd | 0.6.10 | All | All | All |
| Application | W1.fi | Hostapd | 0.6.8 | All | All | All |
| Application | W1.fi | Hostapd | 0.6.9 | All | All | All |
| Application | W1.fi | Hostapd | 0.7.3 | All | All | All |
| Application | W1.fi | Hostapd | 1.0 | All | All | All |
| Application | W1.fi | Hostapd | 1.1 | All | All | All |
| Application | W1.fi | Hostapd | 2.0 | All | All | All |
| Application | W1.fi | Hostapd | 2.1 | All | All | All |
| Application | W1.fi | Hostapd | 2.2 | All | All | All |
| Application | W1.fi | Hostapd | 2.3 | All | All | All |
| Application | W1.fi | Hostapd | 2.4 | All | All | All |
| Application | W1.fi | Hostapd | 2.5 | All | All | All |
| Application | W1.fi | Hostapd | 2.6 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.4 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.5 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.6 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.7 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.10 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.11 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.7 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.9 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.10 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.11 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.7 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.9 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.10 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.11 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.7 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.9 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.6.10 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.6.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.6.9 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.7.3 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 1.0 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 1.1 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.0 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.1 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.2 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.3 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.4 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.5 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.6 | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Wi-Fi Alliance | Wi-Fi Protected Access WPA And WPA2 | affected WPA | Not specified |
| CNA | Wi-Fi Alliance | Wi-Fi Protected Access WPA And WPA2 | affected WPA2 | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| About the security content of watchOS 4.2 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | |
| About the security content of watchOS 4.1 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | |
| [security-announce] SUSE-SU-2017:2745-1: important: Security update for | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| PHOENIX CONTACT WLAN enabled devices utilising WPA2 encryption (Update B) — English (USA) | af854a3a-2127-422b-91ae-364da2661108 | cert.vde.com | |
| KRACKs - wpa_supplicant Multiple Vulnerabilities - Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | access.redhat.com | Third Party Advisory |
| Android Security Bulletin—November 2017 | Android Open Source Project | af854a3a-2127-422b-91ae-364da2661108 | source.android.com | |
| security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc | af854a3a-2127-422b-91ae-364da2661108 | security.FreeBSD.org | Third Party Advisory |
| [SECURITY] [DLA 1200-1] linux security update | af854a3a-2127-422b-91ae-364da2661108 | lists.debian.org | |
| PEPPERL+FUCHS / ecom instruments WLAN enabled products utilizing WPA2 encryption (Update A) — English (USA) | af854a3a-2127-422b-91ae-364da2661108 | cert.vde.com | |
| Apple iOS Multiple Flaws Let Remote Users Execute Arbitrary Code, Modify Data, and Cause Denial of Service Conditions, Local and Remote Users Obtain Potentially Sensitive Information, and Applications Gain Elevated Privileges - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | access.redhat.com | Third Party Advisory |
| hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks (GLSA 201711-03) — Gentoo Security | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | |
| w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-message... | af854a3a-2127-422b-91ae-364da2661108 | w1.fi | Third Party Advisory |
| About the security content of iOS 11.2 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | |
| [security-announce] openSUSE-SU-2017:2755-1: important: Security update | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| [SECURITY] [DLA 1573-1] firmware-nonfree security update | af854a3a-2127-422b-91ae-364da2661108 | lists.debian.org | |
| HPE Support document - HPE Support Center | af854a3a-2127-422b-91ae-364da2661108 | support.hpe.com | |
| Vulnerability Note VU#228519 - Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | Third Party Advisory, US Government Resource |
| www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt | af854a3a-2127-422b-91ae-364da2661108 | www.arubanetworks.com | Third Party Advisory |
| wpa_supplicant WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Access and Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Juniper Junos SRX Series WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Access and Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II | af854a3a-2127-422b-91ae-364da2661108 | tools.cisco.com | Third Party Advisory |
| INTEL-SA-00402 | af854a3a-2127-422b-91ae-364da2661108 | www.intel.com | |
| About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | |
| About the security content of tvOS 11.1 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | |
| Oracle Critical Patch Update - January 2018 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | |
| Fortinet FortiOS WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Access and Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Oracle Critical Patch Update - April 2018 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | |
| About the security content of iOS 11.1 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | |
| WPA2 Protocol Vulnerabilities - US | af854a3a-2127-422b-91ae-364da2661108 | support.lenovo.com | Third Party Advisory |
| About the security content of tvOS 11.2 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | |
| Cisco IP Phones WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Access and Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| ArubaOS WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Access and Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| {{windowTitle}} | af854a3a-2127-422b-91ae-364da2661108 | portal.msrc.microsoft.com | Vendor Advisory |
| cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf | af854a3a-2127-422b-91ae-364da2661108 | cert-portal.siemens.com | |
| Microsoft Windows WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | access.redhat.com | Third Party Advisory |
| www.securityfocus.com/bid/101274 | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Debian -- Security Information -- DSA-3999-1 wpa | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | Third Party Advisory |
| KRACK Attacks: Breaking WPA2 | af854a3a-2127-422b-91ae-364da2661108 | www.krackattacks.com | Technical Description, Third Party Advisory |
| USN-3455-1: wpa_supplicant and hostapd vulnerabilities | Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Third Party Advisory |
| [security-announce] SUSE-SU-2017:2752-1: important: Security update for | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| Juniper ScreenOS WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Access and Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 378244 Virtuozzo Linux Security Update for wpa_supplicant (VZLSA-2017:2907)
- 378248 Virtuozzo Linux Security Update for wpa_supplicant (VZLSA-2017:2911)
- 500246 Alpine Linux Security Update for hostapd
- 500740 Alpine Linux Security Update for wpa_supplicant
- 503996 Alpine Linux Security Update for hostapd
- 504516 Alpine Linux Security Update for wpa_supplicant
- 590571 PHOENIX CONTACT WLAN Capable Devices using the WPA2 Protocol Multiple Vulnerabilities (ICSA-17-325-01)
- 591073 Siemens SIMATIC RF350M and SIMATIC RF650M KRACK Attacks Multiple Vulnerabilities (SSA-418456)
- 591394 ABB TropOS wireless mesh products WPA2 Key Reinstallation Multiple Vulnerabilities (ICSA-17-318-02A, ABBVU-PGGA-1KHW028907)
- 671703 EulerOS Security Update for kernel (EulerOS-SA-2022-1735)
- 710321 Gentoo Linux hostapd and wpa_supplicant Key Reinstallation Vulnerability (GLSA 201711-03)
- 750549 OpenSUSE Security Update for wpa_supplicant (openSUSE-SU-2020:2059-1)
- 750557 OpenSUSE Security Update for wpa_supplicant (openSUSE-SU-2020:2053-1)
- 752179 SUSE Enterprise Linux Security Update for wpa_supplicant (SUSE-SU-2022:1853-1)