CVE-2017-13082
Summary
| CVE | CVE-2017-13082 |
|---|---|
| State | PUBLISHED |
| Assigner | certcc |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-10-17 13:29:00 UTC |
| Updated | 2025-04-20 01:37:25 UTC |
| Description | Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transition (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. |
Risk And Classification
Primary CVSS: v3.0 8.1 HIGH from [email protected]
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Problem Types: CWE-323 (Reusing a Nonce, Key Pair in Encryption) | CWE-330 (Use of Insufficiently Random Values)
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.0 | [email protected] | Primary | 8.1 | HIGH | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| 2.0 | [email protected] | Primary | 5.8 | MEDIUM | AV:A/AC:L/Au:N/C:P/I:P/A:P |
CVSS v3.0 Breakdown
| Metric | Value |
|---|---|
| Attack Vector | Adjacent |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity | High |
| Availability | None |
| Vector | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
CVSS v2.0 Breakdown
| Metric | Value |
|---|---|
| Access Vector | Adjacent |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality | Partial |
| Integrity | Partial |
| Availability | Partial |
| Vector | AV:A/AC:L/Au:N/C:P/I:P/A:P |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 17.04 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Freebsd | Freebsd | All | All | All | All |
| Operating System | Freebsd | Freebsd | 10 | All | All | All |
| Operating System | Freebsd | Freebsd | 10.4 | All | All | All |
| Operating System | Freebsd | Freebsd | 11 | All | All | All |
| Operating System | Freebsd | Freebsd | 11.1 | All | All | All |
| Operating System | Opensuse | Leap | 42.2 | All | All | All |
| Operating System | Opensuse | Leap | 42.3 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7 | All | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | sp2 | All | All |
| Operating System | Suse | Linux Enterprise Desktop | 12 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Point Of Sale | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp3 | All | All |
| Operating System | Suse | Linux Enterprise Server | 11 | sp4 | All | All |
| Operating System | Suse | Linux Enterprise Server | 12 | All | All | All |
| Operating System | Suse | Openstack Cloud | 6 | All | All | All |
| Application | W1.fi | Hostapd | 0.2.4 | All | All | All |
| Application | W1.fi | Hostapd | 0.2.5 | All | All | All |
| Application | W1.fi | Hostapd | 0.2.6 | All | All | All |
| Application | W1.fi | Hostapd | 0.2.8 | All | All | All |
| Application | W1.fi | Hostapd | 0.3.10 | All | All | All |
| Application | W1.fi | Hostapd | 0.3.11 | All | All | All |
| Application | W1.fi | Hostapd | 0.3.7 | All | All | All |
| Application | W1.fi | Hostapd | 0.3.9 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.10 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.11 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.7 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.8 | All | All | All |
| Application | W1.fi | Hostapd | 0.4.9 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.10 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.11 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.7 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.8 | All | All | All |
| Application | W1.fi | Hostapd | 0.5.9 | All | All | All |
| Application | W1.fi | Hostapd | 0.6.10 | All | All | All |
| Application | W1.fi | Hostapd | 0.6.8 | All | All | All |
| Application | W1.fi | Hostapd | 0.6.9 | All | All | All |
| Application | W1.fi | Hostapd | 0.7.3 | All | All | All |
| Application | W1.fi | Hostapd | 1.0 | All | All | All |
| Application | W1.fi | Hostapd | 1.1 | All | All | All |
| Application | W1.fi | Hostapd | 2.0 | All | All | All |
| Application | W1.fi | Hostapd | 2.1 | All | All | All |
| Application | W1.fi | Hostapd | 2.2 | All | All | All |
| Application | W1.fi | Hostapd | 2.3 | All | All | All |
| Application | W1.fi | Hostapd | 2.4 | All | All | All |
| Application | W1.fi | Hostapd | 2.5 | All | All | All |
| Application | W1.fi | Hostapd | 2.6 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.4 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.5 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.6 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.7 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.2.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.10 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.11 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.7 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.3.9 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.10 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.11 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.7 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.4.9 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.10 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.11 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.7 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.5.9 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.6.10 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.6.8 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.6.9 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 0.7.3 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 1.0 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 1.1 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.0 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.1 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.2 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.3 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.4 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.5 | All | All | All |
| Application | W1.fi | Wpa Supplicant | 2.6 | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Wi-Fi Alliance | Wi-Fi Protected Access WPA And WPA2 | affected WPA | Not specified |
| CNA | Wi-Fi Alliance | Wi-Fi Protected Access WPA And WPA2 | affected WPA2 | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| GitHub - vanhoefm/krackattacks-scripts | af854a3a-2127-422b-91ae-364da2661108 | github.com | Exploit, Third Party Advisory |
| KRACKs - wpa_supplicant Multiple Vulnerabilities - Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | access.redhat.com | Third Party Advisory |
| Android Security Bulletin - November 2017 (Android Open Source Project) | af854a3a-2127-422b-91ae-364da2661108 | source.android.com | |
| Cisco Aironet WPA2 Protocol Key Reinstallation Attack Lets Remote Users Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc | af854a3a-2127-422b-91ae-364da2661108 | security.FreeBSD.org | Third Party Advisory |
| PEPPERL+FUCHS / ecom instruments WLAN enabled products utilizing WPA2 encryption (Update A) — English (USA) | af854a3a-2127-422b-91ae-364da2661108 | cert.vde.com | |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | access.redhat.com | Third Party Advisory |
| hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks (GLSA 201711-03) — Gentoo Security | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | |
| Cisco ASA 5506W-X WPA2 Protocol Key Reinstallation Attack Lets Remote Users Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-message... | af854a3a-2127-422b-91ae-364da2661108 | w1.fi | Third Party Advisory |
| Rockwell Automation Stratix 5100 (ICS-CERT) | af854a3a-2127-422b-91ae-364da2661108 | ics-cert.us-cert.gov | |
| Vulnerability Note VU#228519 - Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | Third Party Advisory, US Government Resource |
| www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt | af854a3a-2127-422b-91ae-364da2661108 | www.arubanetworks.com | Third Party Advisory |
| wpa_supplicant WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Access and Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| [security-announce] openSUSE-SU-2020:0222-1: moderate: Security update f | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | |
| Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II | af854a3a-2127-422b-91ae-364da2661108 | tools.cisco.com | Third Party Advisory |
| Oracle Critical Patch Update - January 2018 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | |
| Sign In | af854a3a-2127-422b-91ae-364da2661108 | rockwellautomation.custhelp.com | |
| Oracle Critical Patch Update - April 2018 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | |
| WPA2 Protocol Vulnerabilities - US | af854a3a-2127-422b-91ae-364da2661108 | support.lenovo.com | Third Party Advisory |
| ArubaOS WPA/WPA2 Protocol Key Reinstallation Attack Lets Remote Users Access and Modify Data on the Target Wireless Network - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | Third Party Advisory, VDB Entry |
| cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf | af854a3a-2127-422b-91ae-364da2661108 | cert-portal.siemens.com | |
| www.securityfocus.com/bid/101274 | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Debian -- Security Information -- DSA-3999-1 wpa | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | Third Party Advisory |
| KRACK Attacks: Breaking WPA2 | af854a3a-2127-422b-91ae-364da2661108 | www.krackattacks.com | Technical Description, Third Party Advisory |
| USN-3455-1: wpa_supplicant and hostapd vulnerabilities (Ubuntu) | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 378244 Virtuozzo Linux Security Update for wpa_supplicant (VZLSA-2017:2907)
- 500246 Alpine Linux Security Update for hostapd
- 500740 Alpine Linux Security Update for wpa_supplicant
- 503996 Alpine Linux Security Update for hostapd
- 504516 Alpine Linux Security Update for wpa_supplicant
- 590332 Rockwell Automation Stratix 5100 (Update A) Vulnerability (ICSA-17-299-02)
- 591394 ABB TropOS wireless mesh products WPA2 Key Reinstallation Multiple Vulnerabilities (ICSA-17-318-02A, ABBVU-PGGA-1KHW028907)
- 710321 Gentoo Linux hostapd and wpa_supplicant Key Reinstallation Vulnerability (GLSA 201711-03)
- 750549 OpenSUSE Security Update for wpa_supplicant (openSUSE-SU-2020:2059-1)
- 750557 OpenSUSE Security Update for wpa_supplicant (openSUSE-SU-2020:2053-1)
- 752179 SUSE Enterprise Linux Security Update for wpa_supplicant (SUSE-SU-2022:1853-1)