VDB
CVE-2017-13082
CVE-2017-13082
PUBLISHED
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
EPSS 0.43% · 62.9th percentile
Risk Scores
EPSS Score
0.43%
62.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | wpa | 2.4-0ubuntu3, 2.4-0ubuntu4, 2.4-0ubuntu6 |
| Ubuntu:14.04:LTS | wpa | 1.0-3ubuntu3, 1.0-3ubuntu4, 2.1-0ubuntu1 |
Exploit Intelligence
- https://github.com/vanhoefm/krackattacks-test-ap-ft (nist-nvd)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
- dnsmasq rop exploit with NX bypass (github-poc)
…and 407 more exploits
Timeline
- CVE Published
- Oct 16, 2017 PoC Published
- Nov 3, 2017 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2017-13082 third-party-advisory
- https://www.krackattacks.com/ third-party-advisory
- https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt third-party-advisory
- https://ubuntu.com/security/notices/USN-3455-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2017-13082 third-party-advisory
- Vulnérabilité dans le protocole WPA/WPA2 advisory