cancel
Showing results for 
Search instead for 
Did you mean: 

KRACK attack on WPA2

KRACK attack on WPA2

Johannes_Dennin
New Contributor
Hello everyone,
I have some questions due to the expected disclosure today on the attack possible on WPA2 SSIDs.
US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.


Link: https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-tra...

- Is Extreme aware of this?
- Are Fixes ready to be released?
- Is a software fix sufficient or does hardware need to be replaced?

Thanks and best regards,

Johannes
84 REPLIES 84

fnaah
New Contributor

M_Nees
Contributor III
Putting a small statment to stay up to date regarding this topic.

Drew_C
Valued Contributor III
For others who are interested, the "follow" button at the top-right side of the page has the same effect 😉

StephanH
Valued Contributor III

In the described attack, a rough ap on a different channel is used to reinstall an already-in-use key. Therefore AirDefense and Radar can help to recognize the attacker (rough ap) and prevent clients to contact such an rough ap. This wil not solve the root cause but can reduce the possible attack area.
Regards Stephan

Drew_C
Valued Contributor III
I went ahead and published a preliminary Vulnerability Notice for KRACK. There's not much content right now, so we'll be updating it as more info comes in from various teams.

VN 2017-005 - KRACK, WPA2 Protocol Flaw
GTM-P2G8KFN