CVE-2017-13082

Summary

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Affected Software

VendorProductVersion RangeStatus
Wi-Fi AllianceWi-Fi Protected Access (WPA and WPA2)WPAaffected
Wi-Fi AllianceWi-Fi Protected Access (WPA and WPA2)WPA2affected

Weaknesses

  • CWE-323: CWE-323: Reusing a Nonce, Key Pair in Encryption

ADP Enrichment

CVE Program Container

Additional References

References